Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:12 февраля 2007 г.
Источник:
SecurityVulns ID:7212
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:PHPPOLLS : phpPolls 1.0
 MEDIAWIKI : MediaWiki 1.9
 BTITEAM : BtitTracker 1.4
 PRB : php rrd browser 0.2
 PHPMYVISITIES : phpMyVisites 2.2
 KILLERVAULT : KvGuestbook 1.0
CVE:CVE-2007-0929 (Directory traversal vulnerability in php rrd browser before 0.2.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter.)
 CVE-2007-0926 (The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.)
 CVE-2007-0924 (Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentication and perform certain administrative actions via a direct request to phpPollAdmin.php3. NOTE: this issue might subsume CVE-2006-3764.)
 CVE-2007-0894 (MediaWiki before 1.9.2 allows remote attackers to obtain sensitive information via a direct request to (1) Simple.deps.php, (2) MonoBook.deps.php, (3) MySkin.deps.php, or (4) Chick.deps.php in wiki/skins, which shows the installation path in the resulting error message.)
 CVE-2007-0893 (Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme.)
 CVE-2007-0892 (CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:".)
 CVE-2007-0891 (Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath function in phpmyvisites.php in phpMyVisites before 2.2 allows remote attackers to inject arbitrary web script or HTML via the query string.)
 CVE-2007-0881 (PHP remote file inclusion vulnerability in the Seitenschutz plugin for OPENi-CMS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the (1) config[oi_dir] and possibly (2) config[openi_dir] parameters to open-admin/plugins/site_protection/index.php. NOTE: vector 2 might be the same as CVE-2006-4750.)
 CVE-2006-4750 (PHP remote file inclusion vulnerability in openi-admin/base/fileloader.php in OPENi-CMS 1.0.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the config[openi_dir] parameter.)
Оригинальный текстdocumentx0r0n_(at)_hotmail.com, Philboard (id) Remote SQL Injection (12.02.2007)
 documenty3dips, [ECHO_ADV_64$2007] Openi CMS plugins (site protection) remote file inclusion (12.02.2007)
 documentcrazy_king_(at)_eno7.org, KvGuestbook Remote Add Admin Exploit (12.02.2007)
 documentraphael.huck_(at)_free.fr, MediaWiki Full Path Disclosure Vulnerability (12.02.2007)
 documentsn0oPy.team_(at)_gmail.com, phpPolls 1.0.3 (acces to sensitive file) (12.02.2007)
 documentbeNi, [Full-disclosure] different Wordpress Vulnerabilities (12.02.2007)
 documentnicob_(at)_nicob.net, [Full-disclosure] Multiple vulnerabilities in phpMyVisites (12.02.2007)
 documentSebastian Wolfgarten, [Full-disclosure] Arbitrary file disclosure vulnerability in php rrd browser < 0.2.1 (prb) (12.02.2007)
 documentPeko Takov, BtitTracker 1.4 XSS (12.02.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород