Computer Security

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:08.09.2006
Source:
SecurityVulns ID:6594
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:FANTASTICNEWS : Fantastic News 2.1
 MKPORTAL : MKPortal 1.1
 SOMERY : Somery 0.4
 BLOGCMS : BLOG:CMS 4.1
 BINGOPHPNEWS : BinGoPHP News 3.01
 DOKUWIKI : DokuWiki 2006-03-09
 PHPFUSION : PHPFusion 6.01
 ACKERTODO : AckerTodo 4.0
 RUNCMS : RunCMS 1.4
 WMNEWS : WM-News 0.5
 PHOTOKORN : photokorn 1.52
CVE:CVE-2007-0704 (PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.)
 CVE-2007-0145 (PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649.)
 CVE-2006-7006 (** DISPUTED ** PHP remote file inclusion vulnerability in upload/admin/team.php in Robin de Graff Somery 0.4.4 allows remote attackers to execute arbitrary PHP code via a URL in the checkauth parameter. NOTE: CVE disputes this vulnerability because the checkauth parameter is only used in conditionals.)
 CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.)
 CVE-2006-4669 (PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter.)
 CVE-2006-4649 (PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.)
 CVE-2006-4648 (PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.)
Original documentdocumentSECUNIA, [SA21807] Fantastic News "CONFIG[script_path]" File Inclusion Vulnerabilities (08.09.2006)
 documentSECUNIA, [SA21796] photokorn "dir_path" File Inclusion Vulnerabilities (08.09.2006)
 documentSOMERY, [SA21825] Somery "skindir" File Inclusion Vulnerability (08.09.2006)
 documenterne_(at)_ernealizm.com, WM-News v0.5 - Remote File Include Vulnerabilities (08.09.2006)
 documentOmid, Sql injection in RunCMS (08.09.2006)
 documentviz.security_(at)_gmail.com, XSS in AckerTodo v4.0 (08.09.2006)
 documentKw3rLn, BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability (08.09.2006)
Files:PHPFusion <= 6.01.4 extract()/_SERVER[REMOTE_ADDR] sql injection exploit
 DokuWiki <= 2006-03-09b release /bin/dwpage.php remote commands execution xploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru