Information Security


Daily digest of bugs in Web applications (PHP, ASP, JSP, CGI, Perl)
Published: 11 February 2007
Source:
SecurityVulns ID: 7209
Type: remote
Danger level: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, information leakage, etc.
Affected products: OVIDENTIA : OVidentia 5.8
 ALLONSVOTER : Allons_voter 1.0
 NABOCORP : nabopoll 1.1
 QDIG : qdig 1.2
 DEVTRACK : DevTrack 6.0
 TWIKI : Twiki 4.0
 TWIKI : Twiki 4.1
CVE: CVE-2007-1073 (Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.)
 CVE-2007-0885 (Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.)
 CVE-2007-0880 (Capital Request Forms stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request for inc/common_db.inc.)
 CVE-2007-0876 (Cross-site scripting (XSS) vulnerability in Quick Digital Image Gallery (Qdig) 1.2.9.3 and devel-20060624 allows remote attackers to inject arbitrary web script or HTML via the Qwd parameter to the top-level URI.)
 CVE-2007-0875 (** DISPUTED ** SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this issue has been disputed by a third party, stating that the file does not use a SQL database.)
 CVE-2007-0874 (Allons_voter 1.0 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) admin_ajouter.php or (2) admin_supprimer.php. NOTE: this could be leveraged to conduct cross-site scripting (XSS) attacks.)
 CVE-2007-0873 (nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/.)
 CVE-2007-0871 (Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php.)
 CVE-2007-0853 (SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers to execute arbitrary SQL commands via the Username form field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-0852 (Cross-site scripting (XSS) vulnerability in DevTrack 6.x allows remote attackers to inject arbitrary web script or HTML via the "Keyword search" form field and unspecified other form fields that populate a public saved query. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-0669 (Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local users to execute arbitrary Perl code via unknown vectors related to CGI session files.)
 CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a denial of service (application crash) via unspecified vectors.)
 CVE-2006-6979 (The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbitrary commands via shell metacharacters.)
Original text: Andrea "bunker" Purificato, [XSS] Qdig - Quick Digital Image Gallery Version 1.2.9.3 and -devel (11.02.2007)
 sn0oPy.team_(at)_gmail.com, nabopoll 1.1.2 sensitive file (admin without password) (11.02.2007)
 sn0oPy.team_(at)_gmail.com, Allons_voter Version 1.0 xss and admin votes (11.02.2007)
 sn0oPy.team_(at)_gmail.com, mcRefer SQL injection (11.02.2007)
 bl4ck_(at)_bsdmail.org, XSS in Rainbow with Rainbow.Zen (11.02.2007)
 ali_(at)_hackerz.ir, local bug :[xxs] in whm (11.02.2007)
 gokhankaya_(at)_hotmail.com, Capital Request Forms Db Username and Password Vulnerabilities (11.02.2007)
 hamed.bazargani_(at)_gmail.com, eXtreme File Hosting remote file upload vulnerability (11.02.2007)
Files: OVidentia 5.x Series Remote File Include
 Exploits McRefer PHP inclusion

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod