Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:14 ноября 2006 г.
Источник:
SecurityVulns ID:6818
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:PHPKIT : PHPKIT 1.6
 PHPWCMS : phpwcms 1.2
 EXOSCRIPTS : ExoPHPDesk 1.2
 AMPACHE : ampache 3.3
 ELOG : ELOG 2.6
 CPANEL : CPanel 10
 SHOPSYSTEMS : ShopSystems 4.0
 TOPSTORY : TOPSTORY BASIC 1.0
 MYSTATS : MyStats 1.0
 PHPMANTA : phpManta - Mdoc 1.0
 ASPIRED2POLL : AspPired2 Poll 1.0
 USTORE : UStore 1.0
 NUCOMMUNITY : NuCommunity 1.0
 NUREMS : NuRems 1.0
 NUSCHOOL : NuSchool 1.0
 MAMBO : shambo2 Mambo component 4.5
 VBULLETIN : vBulletin 3.6
 PHPJOBSCHEDULER : phpjobscheduler 3.0
 PHPDEBUG : Phpdebug 1.1
 ULTRASITE : UltraSite 1.0
 ASPSCRIPTER : ASP Scripter Easy Portal 1.4
 ASPSCRIPTER : ASP Scripter Live Support 1.3
 PROPERTYPRO : Property Pro 1.0
 ASPPORTAL : ASPPortal 4.0
 UPUBLISHER : UPublisher 1.0
 ESTATEAGENTMANAG : Estate Agent Manager 1.3
 DIRECTADMIN : DirectAdmin 1.28
 MINIBB : MiniBB 2
 ONLINEEVENTREGIS : Online Event Registration 2.0
 RAMACMS : Rama CMS 0.68
 PHPWIND : PHPWind 5.0
 MUNCHPRO : Munch Pro 1.0
 STORYSTREAM : Storystream 4.0
 CONTENTNOW : ContentNow 1.30
 VALLHERU : Vallheru 1.0
 OPENSOLUTIONS : Quick.Cart 2.0
 PHPPEANUTS 1.1 : Phppeanuts 1.1
 NETQUERY : Netquery 4.0
 DOTDEB : Dotdeb PHP 5.2
CVE:CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter.)
 CVE-2006-7185 (PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter.)
 CVE-2006-7020 (CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER).)
 CVE-2006-7019 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2006-7018 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via a crafted argument to the nome_evento parameter to phpwcms_code_snippets/mail_file_form.php and (2) sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function.)
Оригинальный текстdocumentAdvisory_(at)_Aria-Security.net, SiteXpress SQL Injection (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, SiteXpress SQL Injection (14.11.2006)
 documentStefan Esser, [Full-disclosure] Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, ASPintranet SQL Injection (14.11.2006)
 documentSECUNIA, [SA22842] Ampache Unauthorized Guest Access (14.11.2006)
 documentSECUNIA, [SA22864] Netquery "User-Agent" HTTP Header Script Insertion (14.11.2006)
 documentHidayat Sagita, Phppeanuts 1.1 Remote File Include (14.11.2006)
 documentnavairum_(at)_gmail.com, ContentNow Directory Traversal(upload.php) (14.11.2006)
 documenttimq_(at)_hackernetwork.com, ContentNow Directory Traversal(upload.php) (14.11.2006)
 documentSECUNIA, [SA22812] Vallheru mail.php SQL Injection Vulnerabilities (14.11.2006)
 documentwrit3r_(at)_gmail.com, StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities (14.11.2006)
 documentv1per-haCker, StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities (14.11.2006)
 documentphilip anselmo, New Bug MiniBB Forum <= 2 Remote File Include (index.php) (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, DirectAdmin Multiple Cross Site Scription (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL Injection Vulnerability (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, CPanel Multiple Cross Site Scription (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentOS2A BTO, ELOG Web Logbook Remote Denial of Service Vulnerability (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Phpdebug 1.1.0 - Remote File Include by Firewall (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Phpjobscheduler 3.0 - Multiple Remote File Include (14.11.2006)
 documentnavairum_(at)_gmail.com, Aigaion Web Interface remote file inclusion (14.11.2006)
 documentlaurent gaffié, infinicart [ multiples injection sql & xss (post) ] (14.11.2006)
 documentajannhwt_(at)_hotmail.com, NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, NuRems 1.0 Remote XSS/SQL Injection Exploit (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentlaurent gaffié, Mega Mall [ multiples injection sql & full path disclosure ] (14.11.2006)
 documentbenjilenoob_(at)_hotmail.com, MyStats <=1.0.8 [injection sql, multiples xss, array & full path disclosure] (14.11.2006)
 documentAesthetico, TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability (14.11.2006)
 documentAesthetico, [MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue (14.11.2006)
 documentvannovax_(at)_gmail.com, Wordpress File Inclusion (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Exophpdesk V1.2 - Remote File Include (14.11.2006)
 documentphilipp.niedziela_(at)_gmx.de, PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit (14.11.2006)
Файлы:phpManta - Mdoc 1.0
 AspPired2 Poll 1.0
 NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit
 NuRems 1.0 (propertysdetails.asp) Remote SQL Injection Exploit
 NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit
 shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit
 VBulletin DoS Exploit
 AspPortal Password Decrypter
 Online Event Registration <= v2.0 (save_profile.asp) Remote User Pass Change Exploit
 phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit
 Rama CMS <= 0.68 (Cookie: lang) Local File Include Exploit
 PHPWind <= 5.0.1 "AdminUser" blind SQL injection exploit
 Script Name: Munch Pro 1.0 (switch.asp) Remote SQL Injection Exploit
 CMSmelborp(user_standard.php) Remote File Inclusion Exploit
 Quick.Cart <= 2.0 Remote Code Execution Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород