Search...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

2008-01-08T00:00:00

ID SECURITYVULNS:VULN:8536
Type securityvulns
Reporter
Modified 2008-01-08T00:00:00

Description

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Geeklog: crossite scripting thorugh different form fields.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:8536", "bulletinFamily": "software", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.\r\nGeeklog: crossite scripting thorugh different form fields.", "published": "2008-01-08T00:00:00", "modified": "2008-01-08T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8536", "reporter": " ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:18809", "https://vulners.com/securityvulns/securityvulns:doc:18813", "https://vulners.com/securityvulns/securityvulns:doc:18807", "https://vulners.com/securityvulns/securityvulns:doc:18810", "https://vulners.com/securityvulns/securityvulns:doc:18814", "https://vulners.com/securityvulns/securityvulns:doc:18811", "https://vulners.com/securityvulns/securityvulns:doc:18819", "https://vulners.com/securityvulns/securityvulns:doc:18808"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:28", "edition": 1, "viewCount": 6, "enchantments": {"score": {"value": 4.7, "vector": "NONE", "modified": "2018-08-31T11:09:28", "rev": 2}, "dependencies": {"references": [{"type": "msupdate", "idList": ["MS:983875DE-5885-4775-9574-1960C535B180", "MS:13C172E8-BF69-467E-8DE9-5DD1450182A0"]}, {"type": "mskb", "idList": ["KB3203463", "KB4011275", "KB4011200"]}, {"type": "cve", "idList": ["CVE-2015-8536", "CVE-2019-8536"]}, {"type": "apple", "idList": ["APPLE:HT209605", "APPLE:HT209599", "APPLE:HT209602", "APPLE:HT209601", "APPLE:HT209603", "APPLE:HT209604"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201909-05.NASL", "FREEBSD_PKG_3DD46E059FB011E9BF6500012E582166.NASL", "OPENSUSE-2019-1391.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201909-05"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:06455F1B1E1185D69D281FCC5373FC3E"]}, {"type": "exploitdb", "idList": ["EDB-ID:47258"]}, {"type": "zdt", "idList": ["1337DAY-ID-33126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18814", "SECURITYVULNS:DOC:18808", "SECURITYVULNS:DOC:18810", "SECURITYVULNS:DOC:18819", "SECURITYVULNS:DOC:18807", "SECURITYVULNS:DOC:18813", "SECURITYVULNS:DOC:18809", "SECURITYVULNS:DOC:18811"]}], "modified": "2018-08-31T11:09:28", "rev": 2}, "vulnersScore": 4.7}, "affectedSoftware": [{"name": "netrisk", "operator": "eq", "version": "1.9"}, {"name": "OneCMS", "operator": "eq", "version": "2.4"}, {"name": "eTicket", "operator": "eq", "version": "1.5"}, {"name": "Million Dollar Script", "operator": "eq", "version": "2.0"}, {"name": "Snitz Forum", "operator": "eq", "version": "3.4"}]}

{"rst": [{"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **91[.]192.103.26** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **16**.\n First seen: 2020-10-27T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **tor_node, shellprobe, tor_exit, generic**.\nASN 51395: (First IP 91.192.100.0, Last IP 91.192.103.255).\nASN Name \"ASSOFTPLUS\" and Organisation \"\".\nASN hosts 7878 domains.\nGEO IP information: City \"\", Country \"Switzerland\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-10-27T00:00:00", "id": "RST:E2992F37-A722-3FA7-8536-F8A31DB95018", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 91.192.103.26", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **93[.]95.100.163** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **2**.\n First seen: 2020-04-06T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 48347: (First IP 93.95.97.0, Last IP 93.95.103.255).\nASN Name \"MTWAS\" and Organisation \"\".\nASN hosts 50153 domains.\nGEO IP information: City \"Podolsk\", Country \"Russia\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-04-06T00:00:00", "id": "RST:9E1AB79D-8536-3B7A-BE01-B30BEAFB46FB", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 93.95.100.163", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **103[.]8.115.27** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **22**.\n First seen: 2021-02-09T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 133495: (First IP 103.8.112.0, Last IP 103.8.115.255).\nASN Name \"VISIONTELPK\" and Organisation \"Vision telecom Private limited\".\nASN hosts 5 domains.\nGEO IP information: City \"Lahore\", Country \"Pakistan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-09T00:00:00", "id": "RST:60FDE3FF-18B0-3CDA-8536-D2B10CACD8EE", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 103.8.115.27", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **103[.]147.5.67** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **20**.\n First seen: 2021-01-11T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 137289: (First IP 103.147.2.0, Last IP 103.147.5.255).\nASN Name \"IDNICSIGMAASID\" and Organisation \"PT SIGMA CIPTA CARAKA\".\nASN hosts 182 domains.\nGEO IP information: City \"\", Country \"Indonesia\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-11T00:00:00", "id": "RST:1229053C-C7B9-32D0-8536-B60B7C3117A2", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 103.147.5.67", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **103[.]250.166.12** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **2**.\n First seen: 2020-01-31T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 45916: (First IP 103.250.163.0, Last IP 103.250.167.255).\nASN Name \"GTPLASAP\" and Organisation \"Gujarat Telelink Pvt Ltd\".\nASN hosts 273 domains.\nGEO IP information: City \"Gandhidham\", Country \"India\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-01-31T00:00:00", "id": "RST:EB32C4CD-61F4-3013-8536-CEA883440221", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 103.250.166.12", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **129[.]28.165.213** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **6**.\n First seen: 2020-06-23T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **shellprobe, generic**.\nASN 45090: (First IP 129.28.0.0, Last IP 129.28.255.255).\nASN Name \"CNNICTENCENTNETAP\" and Organisation \"Shenzhen Tencent Computer Systems Company Limited\".\nASN hosts 483346 domains.\nGEO IP information: City \"\", Country \"China\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-06-23T00:00:00", "id": "RST:070271FC-8536-3811-B650-93F98F402A51", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 129.28.165.213", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **82[.]166.62.243** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **12**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 1680: (First IP 82.166.62.71, Last IP 82.166.81.75).\nASN Name \"NVASN\" and Organisation \"CELLCOM ltd\".\nASN hosts 26465 domains.\nGEO IP information: City \"Jerusalem\", Country \"Israel\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:B5C3104D-8536-35E9-8024-AF0B7BBF9623", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 82.166.62.243", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **18[.]214.132.216** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2020-01-02T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **malware**.\nASN 14618: (First IP 18.204.0.0, Last IP 18.215.255.255).\nASN Name \"AMAZONAES\" and Organisation \"Amazoncom Inc\".\nThis IP is a part of \"**amazon_cloud_ec2**\" address pools.\nASN hosts 11703553 domains.\nGEO IP information: City \"\", Country \"United States\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-01-02T00:00:00", "id": "RST:A1FFDC58-CB90-301B-8536-B54BEB865284", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 18.214.132.216", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **23[.]254.202.154** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **12**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 54290: (First IP 23.254.148.0, Last IP 23.254.231.255).\nASN Name \"HOSTWINDS\" and Organisation \"Hostwinds LLC\".\nASN hosts 87911 domains.\nGEO IP information: City \"\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:BE064E00-6D22-35B3-8536-9D9863EF757E", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 23.254.202.154", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **136[.]169.210.110** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **12**.\n First seen: 2020-12-25T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 39593: (First IP 136.169.208.0, Last IP 136.169.211.255).\nASN Name \"ROMSYS\" and Organisation \"\".\nASN hosts 12 domains.\nGEO IP information: City \"YoshkarOla\", Country \"Russia\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-25T00:00:00", "id": "RST:BF28EF68-A33A-33B7-8536-3B9F4A3C9BE3", "href": "", "published": "2021-03-06T00:00:00", "title": "RST Threat feed. IOC: 136.169.210.110", "type": "rst", "cvss": {}}]}

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

Description

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Geeklog: crossite scripting thorugh different form fields.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)