Information Security


Daily digest of vulnerabilities in web applications (PHP, ASP, JSP, CGI, Perl)
Published: 5 January 2007
Source:
SecurityVulns ID: 7001
Type: remote
Danger level: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, information leakage, etc.
Affected products: DRUPAL : Drupal 4.6
 DRUPAL : Drupal 4.7
 CMSMADESIMPLE : CMS Made Simple 1.0
 APPLE : iLife 06
 Spine : Spine 1.2
 OVBB : OvBB 0.14
 JAMWIKI : JAMWiki 0.4
 SERENEBACH : Serene Bach 2.05
 SERENEBACH : Serene Bach 2.08
 SERENEBACH : Serene Bach sb 1.13
 SERENEBACH : Serene Bach sb 1.18
 IG : ig Calendar 1.0
 IG : ig Shop 1.0
 ARATIX : Aratix 0.2
 DIGIAPPZ : Digirez 3.4
CVE: CVE-2007-0137 (Cross-site scripting (XSS) vulnerability in SimpleBoxes/SerendipityNZ Serene Bach 2.05R and earlier, and 2.08D and earlier in the 2.08 series; and (2) sb 1.13D and earlier, and 1.18R and earlier in the 1.18 series; allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2007-0136 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal before 4.6.11, and 4.7 before 4.7.5, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in the (1) filter and (2) system modules. NOTE: some of these details are obtained from third party information.)
 CVE-2007-0135 (PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the current_path parameter.)
 CVE-2007-0134 (Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1.4.)
 CVE-2007-0133 (Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter.)
 CVE-2007-0132 (SQL injection vulnerability in compare_product.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.)
 CVE-2007-0131 (JAMWiki before 0.5.0 does not properly check permissions during moves of "read-only or admin-only topics," which allows remote attackers to make unauthorized changes to the wiki.)
 CVE-2007-0130 (SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.)
 CVE-2007-0128 (SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.)
 CVE-2007-0124 (Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.)
 CVE-2007-0101 (Cross-site request forgery (CSRF) vulnerability in SPINE allows remote attackers to perform unauthorized actions as administrators via unspecified vectors. NOTE: some of these details are obtained from third party information.)
 CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.)
Original text: nuffsaid, Aratix <= 0.2.2b11 (inc/init.inc.php) Remote File Include Vulnerability (05.01.2007)
 Michael Brooks, iG Shop 1.0 Multiple Remote Vulnerabilities (05.01.2007)
 Michael Brooks, SQL Injection in ig-Calendar (05.01.2007)
 SECUNIA, [SA23634] JAMWiki User Permission Security Issue (05.01.2007)
 SECUNIA, [SA23623] Serene Bach Unspecified Cross-Site Scripting Vulnerability (05.01.2007)
 SECUNIA, [SA23484] OvBB Script Insertion Vulnerability (05.01.2007)
 SECUNIA, [SA23537] SPINE Cross-Site Request Forgery Vulnerability (05.01.2007)
 Uwe Hermann, [Full-disclosure] [DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue (05.01.2007)
 Uwe Hermann, [Full-disclosure] [DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue (05.01.2007)
 Kevin Finisterre, DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability' (05.01.2007)
 nanoymaster_(at)_gmail.com, CMS Made Simple non-permanent XSS (05.01.2007)
 kadaj-diabolik_(at)_hotmail.fr, Wordpress <= 2.x dictionnary & Bruteforce attack (05.01.2007)
 info_(at)_burnhead.it, MkPortal "All Guests are Admin" Exploit (05.01.2007)
Files: Wordpress <= 2.x dictionnary & Bruteforce attack
 DigiRez <= V3.4 (book_id) Remote BLIND SQL Injection Exploit
 iLife iPhoto Photocast (XML title) Remote Format String PoC

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod