Добірка уразливостей
19:41 31.05.2007В даній добірці уразливості в веб додатках:
- cwmVote 1.0 File Include Vulnerability (деталі)
- PHPFanBase (protection.php) Remote File Include Vulnerability (деталі)
- Azucar CMS <= 1.3 (_VIEW) Remote File Include Vulnerability (деталі)
- phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities (деталі)
- Paristemi 0.8.3b (buycd.php) Remote File Include Vulnerability (деталі)
- Valdersoft Shopping Cart v3.0 (E-Commerce Software)*****[ commonIncludePath ] Remote File Include (деталі)
- PHP remote file inclusion vulnerability in Claroline (деталі)
- PHP remote file inclusion vulnerability in TeamCal Pro (деталі)
- Multiple cross-site scripting vulnerabilities in DCP-Portal SE 6.0 (деталі)
- PHP-інклюдинг в Akarru Social BookMarking Engine (деталі)
Субота, 02:27 02.06.2007
# PHP remote file inclusion vulnerability in Claroline (деталі)
Ouch its a very old vulnerability , patched since more than 1 year
Субота, 13:43 02.06.2007
Claroline team
Oh, really. I know that is a little old (published at source 18.09.2006), but it seems that it is much older vulnerability. So securitylab has a delay in their posts and I have a delay in my own posts and in result we have a hole patched more than 1 year ago in fresh post .
Thanks for informing guys.
Субота, 14:42 02.06.2007
Claroline team, also I want to tell you about your eLearning and eWorking platform.
Like a slightly look at your site some minutes ago, I found a vulnerability at your system (in Claroline 1.8.4). So you guys need to attend to security of yours web sites and web applications and to security-audit.
I will write about this hole in Claroline in my news (and inform you) somewhere after 3-4 months (as minimum). After I’ll write about a lot of other holes in thousands of sites from all the Internet (which are in my list and I am working in chronological order).