Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

2007-10-28T00:00:00
ID SECURITYVULNS:VULN:8297
Type securityvulns
Reporter
Modified 2007-10-28T00:00:00

Description

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke: directory traversal in autohtml.php and autohtml0.php allows to obtain password hashes. By requesting non-existant file it's possible to disclosure installation directory.