Information Security


Daily digest of bugs in Web applications (PHP, ASP, JSP, CGI, Perl)
Published: 22 February 2007
Source:
SecurityVulns ID: 7287
Type: remote
Severity: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, information leakage, etc.
Affected products: SAPHPLESSON : SaphpLesson 3.0
 PHPTRAFFICA : phpTrafficA 1.4
 JWEB : Pics Navigator 2.0
 JWEB : Pics Navigator 1.0
 MAGICNEWSPLUS : Magic News Plus 1.0
 LOVECMS : LoveCMS 1.4
 INTERSPIRE : SendStudio 2004.14
CVE: CVE-2007-1151 (Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI, possibly related to a SQL error.)
 CVE-2007-1150 (Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote authenticated administrators to upload arbitrary files to /modules/content/pictures/tmp/.)
 CVE-2007-1149 (Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI.)
 CVE-2007-1148 (PHP remote file inclusion vulnerability in install/index.php in LoveCMS 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the step parameter.)
 CVE-2007-1144 (Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter.)
 CVE-2007-1143 (Directory traversal vulnerability in pn-menu.php in J-Web Pics Navigator 1.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter.)
 CVE-2007-1142 (Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.php.)
 CVE-2007-1141 (PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.)
 CVE-2007-1140 (Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter.)
 CVE-2007-1139 (Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension.)
 CVE-2007-1138 (Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter.)
 CVE-2007-1076 (Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-1060 (Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals and allow_fopenurl are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOTDIR parameter to (1) createemails.inc.php and (2) send_emails.inc.php in /admin/includes/.)
Original text: eufrato_(at)_gmail.com, [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability (22.02.2007)
 gamr-14_(at)_hotmail.com, SaphpLesson v3.0 SQL Injection Exploit (22.02.2007)
 laurent gaffié, pheap [edit LFI] vulnerability (22.02.2007)
 laurent gaffié, LoveCMS 1.4 multiple vulnerabilities (22.02.2007)
 laurent gaffié, Plantilla PHP Simple (22.02.2007)
 sn0oPy.team_(at)_gmail.com, Pics Navigator Directory Traversal Vulnerability (22.02.2007)
 SECURITEAM, [UNIX] phpTrafficA Local File Inclusion (22.02.2007)
Files: Magic News PHP Code Execution Exploit

© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород