Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20227
HistoryJul 26, 2008 - 12:00 a.m.

XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities

2008-07-2600:00:00
vulners.com
30

##############################################################

XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)
Author: AzzCoder [[email protected]]
Product: http://www.xrms.org/
Product Type: CRM
Thanks: coresecurity.com

Remote File Inclusion
File: activities/workflow-activities.php
Variable: $include_directory
Required register_globals: Yes

XSS
Multiple Files
Variable: $msg
Quote limitations: Yes

Information Gathering
tests/info.php
phpinfo() call

##############################################################

milw0rm.com [2008-07-25]