Internet / Network Security
  1. Home
  2. Computing & Technology
  3. Internet / Network Security

Secunia Advisories
September 11, 2006

From , former About.com Guide

Below are the Secunia Security Advisories rated as Highly Critical (or higher) from September 11, 2006.

  • Secunia Advisory 21817
    MyABraCaDaWeb "base" File Inclusion Vulnerabilities
    • Criticality: High
    • Description: ERNE has reported some vulnerabilities in MyABraCaDaWeb, which can be exploited by malicious people to compromise a vulnerable system.

      Input passed to the "base" parameter in index.php and pop.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local and external resources.

    • Secunia Advisory: http://secunia.com/advisories/21817/

  • Secunia Advisory 21833
    RaidenHTTPD "SoftParserFileXml" File Inclusion Vulnerability
    • Criticality: High
    • Description: rgod has discovered a vulnerability in RaidenHTTPD, which can be exploited by malicious people to compromise a vulnerable system.

      Input passed to the "SoftParserFileXml" parameter in raidenhttpd-admin/slice/check.php is not verified before being used to include files. This can be exploited to execute arbitrary PHP code by calling the script directly and including a file from a local or external resource.

    • Secunia Advisory: http://secunia.com/advisories/21833/

  • Secunia Advisory 21842
    Mandriva update for php
    • Criticality: High
    • Description: Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, or by malicious people to potentially compromise a vulnerable system.
    • Secunia Advisory: http://secunia.com/advisories/21842/

  • Secunia Advisory 21850
    mcGalleryPRO "path_to_folder" File Inclusion Vulnerability
    • Criticality: High
    • Description: Solpot has reported a vulnerability in mcGalleryPRO, which can be exploited by malicious people to compromise a vulnerable system.

      Input passed to the "path_to_folder" parameter in random2.php is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

    • Secunia Advisory: http://secunia.com/advisories/21850/

  • Secunia Advisory 21855
    Vivvo Article Management CMS SQL Injection and File Inclusion
    • Criticality: High
    • Description: MercilessTurk has reported some vulnerabilities in Vivvo Article Management CMS, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.
    • Secunia Advisory: http://secunia.com/advisories/21855/

  • Secunia Advisory 21857
    Socketwiz Bookmarks "root_dir" File Inclusion Vulnerability
    • Criticality: High
    • Description: Kacper has reported a vulnerability in Socketwiz Bookmarks, which can be exploited by malicious people to compromise a vulnerable system.

      Input passed to the "root_dir" parameter in smarty_config.php is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

    • Secunia Advisory: http://secunia.com/advisories/21857/

Explore Internet / Network Security
About.com Special Features

Holiday Central

What to eat, where to go, fun things to do and how to save money on the perfect gifts. More >

Family Tech Center

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Internet / Network Security
  1. Home
  2. Computing & Technology
  3. Internet / Network Security
  4. Security Bulletins
  5. Secunia Advisories
  6. Secunia Advisories - September 11, 2006

©2009 About.com, a part of The New York Times Company.

All rights reserved.