Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
дополнено с 7 февраля 2007 г.
Опубликовано:7 февраля 2007 г.
Источник:
SecurityVulns ID:7191
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:WBB : Woltlab Burning Board Lite 1.0
 MAMBO : Mambo 4.5
 VBULLETIN : vBulletin 3.6
 WEBBUILDER : WebBuilder 2.0
 EPISTEMON : Epistemon 1.0
 GEEKLOG : Geeklog 2
 flip : Flip 2.01
 SMA-DB : SMA-DB 0.3
 PHPBB : Categories hierarchy 2.1 PhpBB Module
 GGCMS : GGCMS 1.1
 MEDIAWIKI : MediaWiki 1.9
 SIMPLEINVOICES : Simple Invoices 20070202
 NONAME : Noname Media Photo Galerie Standard 1.1
 ZINA : Zina 1.0
CVE:CVE-2007-0869 (Cross-site scripting (XSS) vulnerability in the Attachment Manager (admincp/attachment.php) in Jelsoft vBulletin 3.6.4 allows remote attackers to inject arbitrary web script or HTML via the Extension field, a different vector than CVE-2007-0830. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-0830 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager, (2) User Rank Manager, (3) User Title Manager, (4) BB Code Manager, (5) Attachment Manager, (6) Calendar Manager, and (7) Forums & Moderators functions. NOTE: the vendor disputes this issue, stating that modifying HTML is an intended privilege of an administrator. NOTE: it is possible that this issue overlaps CVE-2006-6040.)
 CVE-2007-0826 (SQL injection vulnerability in forum.asp in Kisisel Site 2007 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.)
 CVE-2007-0812 (SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0] parameter.)
 CVE-2007-0810 (PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_libraries] parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog.)
 CVE-2007-0809 (PHP remote file inclusion vulnerability in includes/class_template.php in Categories hierarchy (aka CH or mod-CH) 2.1.2 in ptirhiikmods allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.)
 CVE-2007-0804 (Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 RC1 and earlier allows remote attackers to inject arbitrary PHP code into arbitrary files via ".." sequences in the subpageName parameter, as demonstrated by injecting PHP code into a template file.)
 CVE-2007-0797 (PHP remote file inclusion vulnerability in theme/settings.php in bluevirus-design SMA-DB 0.3.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pfad_z parameter.)
 CVE-2007-0789 (SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.)
 CVE-2007-0788 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript.")
 CVE-2007-0787 (PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows remote attackers to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information.)
 CVE-2007-0786 (SQL injection vulnerability in view.php in Noname Media Photo Galerie Standard 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.)
 CVE-2007-0785 (PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter.)
 CVE-2007-0303 (Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have unknown impact and attack vectors related to "Potential security bugs.")
Оригинальный текстdocumentThE [email protected], SMA-DB <= 0.3.9 (settings.php) Remote File Inclusion Vulnerability (07.02.2007)
 documentGolD_M, WebBuilder <= 2.0 Remote File Include Vulnerability (07.02.2007)
 documentGolD_M, GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities (07.02.2007)
 documentGolD_M, GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities (07.02.2007)
 documentGolD_M, GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities (07.02.2007)
 documentGolD_M, GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities (07.02.2007)
 documentadmin_(at)_hacklive.org, Ki.isel Site 2007 (tr) == SQL Injection Vulnerability (07.02.2007)
 documentajannhwt_(at)_hotmail.com, LightRO CMS 1 beta(inhalt.php) Remote File Include Vulnerability (07.02.2007)
 documentHackers Center Security Group, VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability (07.02.2007)
Файлы:Categories hierarchy v2.1.2 (phpbb_root_path) Remote File Include Exploit
 GGCMS <= v1.1.0 RC1 Remote Auto Deface Exploit / Remote Code Execution Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород