

Daily digest of web application vulnerabilities (PHP, ASP, JSP, CGI, Perl)
Published: 15 January 2007
SecurityVulns ID: 7053
Type: remote
Severity: 5/10
Description: PHP (remote file) inclusion, SQL injection, directory traversal, cross-site scripting, information disclosure, etc.
Affected products:
 PHPNUKE : PHP-Nuke 7.9
 THWBOARD : ThWboard 3.0
 TREVORCHAN : Trevorchan 0.7
 JV2 : JV2 Folder Gallery 3.0
 DIGIAPPZ : DigiAffiliate 1.4
 FDWEB : FdWeB Espace Membre 2.1
 OVIDENTIA : Ovidentia 5.6
CVE: CVE-2007-0863 (** DISPUTED ** PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tc_config[rootdir] parameter to (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, and (5) banned.php. NOTE: this issue has been disputed by reliable third parties, who state that the variable is set before use in config.php.)
 CVE-2007-0682 (PHP remote file inclusion vulnerability in theme/include_mode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter.)
 CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in modules/Advertising/admin/index.php; or unspecified vectors in the (7) advertising, (8) weblinks, or (9) reviews section.)
 CVE-2007-0340 (SQL injection vulnerability in inc/header.inc.php in ThWboard 3.0b2.84-php5 and earlier allows remote attackers to execute arbitrary SQL commands via the board[styleid] parameter to index.php.)
 CVE-2007-0329 (download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability.)
 CVE-2007-0309 (SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter.)
 CVE-2007-0306 (SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.)
 CVE-2007-0301 (PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.)
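The three bug classes the entries above describe (remote file inclusion through a request-controlled include path, traversal through a download handler's file parameter, and SQL injection through an unescaped parameter), each beside a hardened form. This is an added example in PHP, not code from any of the listed products; the file, table and parameter names are hypothetical stand-ins.

```php
<?php
// Added illustration, not code from any product in this digest. File, table
// and parameter names are hypothetical stand-ins for the reported patterns.

// --- 1. Remote file inclusion -------------------------------------------
// Vulnerable: an include path built from a variable the request can set.
// With register_globals=On, ?cfg[rootdir]=http://attacker/ initialises
// $cfg['rootdir'] for any script that reads it before assigning it (the
// CVE-2007-0863 dispute is precisely about whether that ordering holds), and
// with allow_url_fopen/allow_url_include on, include() fetches and runs the
// remote file.
function vulnerable_include(array $cfg): void
{
    include $cfg['rootdir'] . '/menu.php';
}

// Hardened: the request selects a key in a fixed map, so the path never
// contains attacker-controlled bytes.
function safe_include(string $page): bool
{
    $pages = [
        'menu'  => __DIR__ . '/admin/menu.php',
        'users' => __DIR__ . '/admin/users.php',
    ];
    if (!array_key_exists($page, $pages)) {
        return false;
    }
    include $pages[$page];
    return true;
}

// --- 2. Path traversal in a download handler ----------------------------
// Vulnerable: ?file=../config/setup.php walks out of the gallery directory
// and returns the application's own configuration (the CVE-2007-0329 shape).
function vulnerable_download(string $file): void
{
    readfile(__DIR__ . '/gallery/' . $file);
}

// Hardened: resolve the path, then require it to stay under the base
// directory. realpath() collapses '..' and symlinks and returns false for
// files that do not exist, so a missing target is rejected too.
function resolve_download(string $file): ?string
{
    $base = realpath(__DIR__ . '/gallery');
    if ($base === false) {
        return null;
    }
    $target = realpath($base . DIRECTORY_SEPARATOR . $file);
    if ($target === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;                      // escaped the gallery directory
    }
    return $target;
}

// --- 3. SQL injection through an unescaped parameter --------------------
// Vulnerable: the value is interpolated into the statement text. The digest's
// SQLi entries apply with magic_quotes_gpc off; note that even when it is on
// it only backslash-escapes quote characters, which does nothing for an
// unquoted numeric context like this one, so ?cat=1 UNION SELECT ... runs.
function vulnerable_query(mysqli $db, string $cat)
{
    return $db->query("SELECT title FROM articles WHERE catid=$cat");
}

// Hardened: a prepared statement keeps the value out of the SQL text
// entirely, and casting to int enforces the expected type. get_result()
// needs the mysqlnd driver; use bind_result() on builds without it.
function safe_query(mysqli $db, string $cat): ?mysqli_result
{
    $stmt = $db->prepare('SELECT title FROM articles WHERE catid=?');
    if ($stmt === false) {
        return null;
    }
    $id = (int) $cat;
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $result = $stmt->get_result();
    return $result === false ? null : $result;
}
```

The containment check in resolve_download compares against `$base` plus a trailing separator rather than `$base` alone; otherwise a sibling directory whose name merely starts with the base name (gallery2/) would pass.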
Original text:
 Maximize Designs, AIMPages XSS (15.01.2007)
 H0tTurk, Ovidentia 5.6x Series Remote File Include (15.01.2007)
 paisterist_(at)_neosecurityteam.net, PHP-Nuke <= 7.9 Old-Articles Block "cat" SQL Injection vulnerability (15.01.2007)
Files:
 Exploits FdWeB Espace Membre <= 2.01(path) Remote File Include Vulnerability
 ThWboard <=3.0 beta 2.84-php5 board[styleid] sql injection / cmd exec exploit
 JV2 Folder Gallery Remote Admin uName and Pass. Exploit
 DigiAffiliate <= V1.4 Remote Blind SQL Injection Exploit

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod