Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:6 мая 2006 г.
Источник:
SecurityVulns ID:6096
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:PHPBB : phpBB 2.0
 CUREPHP : CuteNews 1.4
 SAPHPLESSON : SaphpLesson 3.0
 ALBINATOR : Albinator 2.0
 EVOARTICLES : evoArticles 2.0
CVE:CVE-2006-2220 (phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the resulting error message.)
 CVE-2006-2219 (phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote attackers to obtain sensitive information, as demonstrated by the (1) mode parameter to memberlist.php and the (2) highlight parameter to viewtopic.php that are used as an argument to the htmlspecialchars or urlencode functions, which displays the installation path in the resulting error message.)
Оригинальный текстdocumentSECUNIA, [SA19952] Albinator File Inclusion and Cross-Site Scripting Vulnerabilities (06.05.2006)
 documentMaksymilian Arciemowicz, [Full-disclosure] phpBB 2.0.20 Full Path Disclosure and SQL Errors (06.05.2006)
 documento.y.6_(at)_hotmail.com, Invision Community Blog .. Bugs (06.05.2006)
 documentMster-X_(at)_hotmail.com, CuteNews 1.4.1 Multiple vulnerabilities (06.05.2006)
 documentMster-X_(at)_hotmail.com, modules name(Downloads)SQL Injection Exploit (06.05.2006)
 documentMster-X_(at)_hotmail.com, modules name(Sections)SQL Injection Exploit (06.05.2006)
 documentCyber Lords, SQL-Injection in evoArticles (06.05.2006)
Файлы:Exploits phpBB auction mod - Remote File Inclusion Vuln
 Statit V4 Remote File Inclusion exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород