Jakarta, Indonesia
[ECHO_ADV_111$2009] Joomla Hotel Booking System Component XSS/SQL Injection Multiple Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : September, 11 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=142
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv95-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : March, 16 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=130
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv91-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : March, 30 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=132
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_93$2008] Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv93-K-159-2008.txt
Critical Lvl : High
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : September, 16 th 2008
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=108
Critical Lvl : High
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : June, 13 th 2008
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=98
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_90$2008] PostNuke Module pnEncyclopedia <= 0.2.0 (id) Blind Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv90-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_92$2008] Anserv Auction XL (viewfaqs.php cat) Blind Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv92-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : March, 16 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=129
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : April, 28 th 2007
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv89-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv94-K-159-2008.txt
Critical Lvl : High
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_96$2008] HiveMaker Professional <= 1.0.2 (cid) Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : May, 30 th 2008
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=91
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_97$2008] Pre News Manager <= 1.0 (index.php id) Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : June, 13 th 2008
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=97
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : February, 23 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=126
Critical Lvl : Medium
Impact : Manipulation of data / Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : July, 14 th 2008
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=102
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : April, 28 th 2007
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv88-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclusion Vulnerabilities
-----------------------------------------------------------------------------------------
Author : K-159
Date : March, 11 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=127
Critical Lvl : High
Impact : System Access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : March, 16 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=131
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : February, 7 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=123
Critical Lvl : Medium
Impact : Manipulation of data / Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_99$2008] Relative Real Estate Systems <= 3.0 (listing_id) Sql Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : June, 24 th 2008
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=101
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------
[ECHO_ADV_113$2010] BSI Hotel Booking System Admin Login Bypass Vulnerability
-----------------------------------------------------------------------------------------
Author : K-159
Date : September, 22th 2010
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=165
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
in Open Source.
ApacheCon welcomes submissions for security-focused trainings and
presentations related to the following areas and topics:
* ASF-wide projects such as HTTP Server, Jakarta, Tomcat, Geronimo,
Harmony, SpamAssassin, Portals, and Web Services
* General Web security and secure Web development
* Scripting languages and dynamic content such as Java, Perl,
Python, Ruby, and PHP
* Case studies demonstrating the use of Apache software
---------------------------------------------------------------------------
[ECHO_ADV_110$2009] Firefox (GNU/Linux version) <= 3.0.10 Denial Of Services
--------------------------------------------------------------------------------
Author : Ahmad Muammar W.K (a.k.a) y3dips
Date Found : June, 4th 2009
Location : Indonesia, Jakarta
web : http://e-rdc.org/v1/news.php?readmore=137
Critical Lvl : Moderated
Impact : Browser will automatically shutdown
Where : From Remote
Disclosure Policy: Full Disclosure Policy (RFPolicy) v2.0
---------------------------------------------------------------------------
session hijacking or information disclosure.
Background
==========
Tomcat is the Apache Jakarta Project's official implementation of Java
Servlets and Java Server Pages.
Affected packages
=================