Information Security


Daily digest of web application vulnerabilities (PHP, ASP, JSP, CGI, Perl)
Updated: 29 January 2007
Published: 29 January 2007
Source:
SecurityVulns ID: 7128
Type: remote
Danger level:
5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, information leakage, etc.
Affected products: GUPPY : Guppy 4.5
 XERO : Xero Portal 1.2
 WEBWFLOG : Webfwlog 0.92
 PHPMYTOOLS : phpMyReports 3.0
 VIRTUALPATH : Virtual Path 1.0
 BRADABRA : Bradabra 2.0
 CVSTRAC : CVSTrac 2.0
 ECLIPSEBB : EclipseBB 0.5
 FORODOMUS : Foro Domus 2.10
 CHERNOBILE : chernobiLe Portal 1.0
 ACGV : ACGVannu 1.3
 ACGV : ACGVclick 0.2
 XDEV : xNews 1.3
 DRUNKEN : Golem Portal 0.5
 XTSTATS : Xt-Stats 2.3
 AINS : AINS 0.02
 MYPHPCOMMANDER : MyPHPcommander 2.0
 PHPROXY : PHProxy 0.5
 ONNAC : Oh no! Not another CMS 0.0
 PHPUPLOADER : Tuan Do Uploader 6
CVE:CVE-2007-0698 (Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the id_mod parameter to templates/modif.html, and other unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-0697 (index2.php in ACGVannu 1.3 and earlier allows remote attackers to change the password or profile of a user via a modified id parameter, related to templates/modif.html. NOTE: some of these details are obtained from third party information.)
 CVE-2007-0639 (Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array with an error number in the first dimension and 0 in the second dimension, as demonstrated by msg[999][0].)
 CVE-2007-0630 (Multiple SQL injection vulnerabilities in the generate_csv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) from, and (3) q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-0591 (PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.)
 CVE-2007-0585 (include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks.)
 CVE-2007-0582 (SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbitrary SQL commands via the User (username) field.)
 CVE-2007-0581 (PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.)
 CVE-2007-0580 (PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to execute arbitrary PHP code via a URL in the sesion_idioma parameter.)
 CVE-2007-0577 (PHP remote file inclusion vulnerability in function.inc.php in ACGVclick 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.)
 CVE-2007-0576 (PHP remote file inclusion vulnerability in xt_counter.php in Xt-Stats 2.3.x up to 2.4.0.b3 allows remote attackers to execute arbitrary PHP code via a URL in the server_base_dir parameter.)
 CVE-2007-0573 (PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter.)
 CVE-2007-0572 (PHP remote file inclusion vulnerability in include/irc/phpIRC.php in Drunken:Golem Gaming Portal 0.5.1 Alpha 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.)
 CVE-2007-0571 (PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathModule parameter.)
 CVE-2007-0570 (PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fundum Integratable News Script (AINS) 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ains_path parameter.)
 CVE-2007-0569 (SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action.)
 CVE-2007-0568 (PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the gl_root parameter.)
 CVE-2007-0561 (Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/.)
 CVE-2007-0553 (Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php in PHProxy before 0.5 beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) data[realm] and (2) _url parameters, different vectors than CVE-2004-2604. NOTE: some of these details are obtained from third party information.)
 CVE-2007-0552 (Cross-site scripting (XSS) vulnerability in install/default/error404.html in Oh no! Not another CMS (Onnac) 0.0.8.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the error_url parameter.)
 CVE-2007-0532 (Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrator password hash via a direct request for userdata/user_1.txt.)
 CVE-2007-0500 (PHP remote file inclusion vulnerability in include/includes.php in Bradabra 2.0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.)
 CVE-2007-0347 (The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service (database error) via a ' character in certain messages, tickets, or Wiki entries.)
Original text: Ralf S. Engelschall, [Full-disclosure] CVSTrac 2.0.0 Denial of Service (DoS) vulnerability (30.01.2007)
 Cold Zero, MyPHPcommander 2.0 (package.php) Remote File Include Vulnerability (29.01.2007)
 ThE [email protected], AINS 0.02b (ains_main.php ains_path) Remote File Include Vulnerability (29.01.2007)
 ThE [email protected], Xt-Stats v.2.4.0.b3 (server_base_dir) Remote File Include Vulnerability (29.01.2007)
 adak.hacking_(at)_yahoo.com, nsGalPHP (includes/config.inc.php racineTBS) Remote Inclusion Vuln: (29.01.2007)
 ajannhwt_(at)_hotmail.com, xNews 1.3 (xNews.php) Remote Blind SQL Injection Vulnerability (29.01.2007)
 ajannhwt_(at)_hotmail.com, ACGVclick <= 0.2.0 (path) Remote File Include Vulnerability (29.01.2007)
 ajannhwt_(at)_hotmail.com, ACGVannu <= 1.3 (index2.php) Remote User Pass Change Vulnerability (29.01.2007)
 ajannhwt_(at)_hotmail.com, chernobiLe Portal 1.0 (default.asp) Remote SQL Injection Vulnerability (29.01.2007)
 x0r0n_(at)_hotmail.com, PhP Generic library & framework (include_path) Remote File Include Exploit (29.01.2007)
 GolD_M, Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability (29.01.2007)
 GolD_M, Virtual Path 1.0 (vp/configure.php) Remote File Include Vulnerability (29.01.2007)
 GolD_M, phpMyReports <= 3.0.11 (lib_head.php) Remote File Include Vulnerability (29.01.2007)
 GolD_M, Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability (29.01.2007)
Files: Drunken:Golem Gaming Portal (Xero Portal) (root_path) Remote File Include Exploit
 Guppy <= 4.5.16 remote commands execution exploit
 EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit
 Foro Domus v2.10 (phpbb_root_path) Remote File Include Exploit

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod