Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:11 января 2007 г.
Источник:
SecurityVulns ID:7037
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:PHPBB : phpBB 2.0
 JSHOP : Jshop Server 1.3
 WORDPRESS : WordPress 2.0
 PHPMYADMIN : phpmyadmin 2.9
 SAZCART : SazCart 1.5
 CSCART : CS-Cart 1.3
 MOTIONBORG : MOTIONBORG Web Real Estate 2.1
 UNIFORUM : uniForum 4
 AXIOM : Axiom 0.8
 MEDIAWIKI : MediaWiki 1.6
 MEDIAWIKI : MediaWiki 1.7
 MEDIAWIKI : MediaWiki 1.8
CVE:CVE-2007-0232 (PHP remote file inclusion vulnerability in routines/fieldValidation.php in Jshop Server 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the jssShopFileSystem parameter.)
 CVE-2007-0230 (** DISPUTED ** PHP remote file inclusion vulnerability in install.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the install_dir parameter. NOTE: CVE and third parties dispute this vulnerability because install_dir is defined before use.)
 CVE-2007-0226 (SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier allows remote attackers to execute arbitrary SQL commands via the "by User" field (aka the TXbyuser parameter).)
 CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information,)
 CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.)
 CVE-2007-0200 (PHP remote file inclusion vulnerability in template.php in Geoffrey Golliher Axiom Photo/News Gallery (axiompng) 0.8.6 allows remote attackers to execute arbitrary PHP code via a URL in the baseAxiomPath parameter.)
 CVE-2007-0196 (SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. NOTE: some details were obtained from third party information.)
 CVE-2007-0177 (Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2007-0109 (wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.)
 CVE-2007-0095 (phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.)
Оригинальный текстdocumentinfo_(at)_burnhead.it, phpBB (privmsg.php) XSS Exploit (11.01.2007)
 documentirvian_(at)_presiden.com, Jshop Server 1.3 (11.01.2007)
 documentajannhwt_(at)_hotmail.com, uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability (11.01.2007)
 documentajannhwt_(at)_hotmail.com, MOTIONBORG Web Real Estate <= v2.1 Remote SQL Injection Vulnerability (11.01.2007)
 documentirvian, shop Server 1.3 (fieldValidation.php) Remote File Include Vulnerability (11.01.2007)
 documentIbnuSina, sazcart v1.5 (cart.php) Remote File include (11.01.2007)
 documentahmed_labib_hilmy_(at)_yahoo.com, CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability (11.01.2007)
Файлы:Exploits Axiom 0.8.6 photo gallery (template.php)Remote File Include Vulnerability
 Wordpress <= 2.0.6 wp-trackback.php Zend_Hash_Del_Key_Or_Index sql injection admin hash disclosure exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород