|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||
SecurityAlert : 803 CVE : CVE-2006-2080 CVE : CVE-2006-2079 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : qex Published : 01.05.2006 Advisory Content : : Discovered by: Qex : Date: 25 April 2006 : : /member.php?action=viewpro&member=[XSS] Can you confirm this? Doing a quick grep of the 1.0.2 source code finds no occurace of "viewpro" at all. The line above also happens to be exactly the same as your DevBB disclosure, suggesting this may be a bad cut/paste? Additionally, in the subsequent posting you refer to additional scripts being affected: /portfolio.php?cat_id=[XSS] /portfolio_photo_popup.php?id=[XSS] Secunia apparently wasn't able to validate all of the XSS but instead found one SQL injection issue: http://secunia.com/advisories/19813/ Can you confirm or clarify any of the above?  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |