Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:3 февраля 2007 г.
Источник:
SecurityVulns ID:7161
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:FLIPPERPOLL : Flipper Poll 1.1
 KGB : KGB 1.9
 PHOTOGALERIE : Photo Galerie Standard 1.1
 DBMASTERS : dB Masters' Curium CMS 1.03
 COD2DREAMSTATS : CoD2: DreamStats 4.2
 EQDKP : eqDKP 1.3
 F3SITE : F3Site 2.1
 EZCONVERT : phpBB ezBoard converter 0.2
 PHPBBPP : phpBB++ 100
CVE:CVE-2007-0765 (SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote attackers to execute arbitrary SQL commands via the c_id parameter.)
 CVE-2007-0764 (Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php.)
 CVE-2007-0763 (Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field.)
 CVE-2007-0762 (PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.)
 CVE-2007-0761 (PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter.)
 CVE-2007-0760 (EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer.)
 CVE-2007-0757 (PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter.)
 CVE-2007-0337 (Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php.)
Оригинальный текстdocumentcw.cybersecurity_(at)_gmail.com, Flipper Poll v1.1.0 (poll.php) remote file include vuln (03.02.2007)
 documenteight10_(at)_gmail.com, EQdkp <= 1.3.1 Referer Spoof to access to SQL Database (03.02.2007)
 documentThE [email protected], CoD2: DreamStats <= 4.2 (index.php) Remote File Include Vulnerability (03.02.2007)
 documentajannhwt_(at)_hotmail.com, Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability (03.02.2007)
 documentajannhwt_(at)_hotmail.com, dB Masters' Curium CMS <= 1.03(c_id) Remote Blind SQL Injection Vulnerability (03.02.2007)
Файлы:KGB <= 1.9 Remote Code Execution Exploit
 F3Site <= 2.1 Remote Code Execution Exploit
 phpBB++ (phpbb_root_path) Remote File Include Exploit
 ezConvert: phpBB ezBoard converter v0.2 (ezconvert_dir) Remote File Include Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород