Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:9513
HistoryAug 18, 2005 - 12:00 a.m.

[PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities

2005-08-1800:00:00
vulners.com
18
JSON

========================================================================
phpAdsNew / phpPgAds security advisory PHPADSNEW-SA-2005-001

Advisory ID: PHPADSNEW-SA-2005-001
Date: 2005-Aug-17
Security risk: highly critical
Applications affetced: phpAdsNew, phpPgAds
Versions affected: <= 2.0.5
Versions not affected: >= 2.0.6

========================================================================
Vulnerability 1: arbitrary PHP code execution

Impact: system access
Where: from remote

Description

Stefan Esser of the Hardened-PHP Project reported a serious
vulnerablility in the third-party XML-RPC library included with
phpAdsNew and phpPgAds. An attacker could execute arbitrary PHP code on
a vulnerable site.

Solution

  • Upgrade to phpAdsNew or phpPgAds 2.0.6.

References

http://www.hardened-php.net/advisory_152005.67.html

========================================================================
Vulnerability 2: local file inclusion

Impact: system access
Where: from remote

Description

Maksymilian Arciemowicz of the securityreason.com team reported a local
file inclusion vulnerablility in phpAdsNew and phpPgAds, caused by
missing sanitization of a GET variable.

Solution

  • Upgrade to phpAdsNew or phpPgAds 2.0.6.

References

[phpAdsNew 2.0.5 Local file inclusion cXIb8O3.16]
http://www.securityreason.com/

========================================================================
Vulnerability 3: SQL injection

Impact: application admin access (+ potential system access)
Where: from remote

Description

Pine Digital Security reported an SQL injection vulnerablility in
phpAdsNew and phpPgAds, caused by missing sanitization of the clientid
GET variable. The vulnerability seems to be exploitable with MySQL 4.1+
or PostgreSQL to obtain administrator access to the application.
Depending on the database user permissions, an attacker could also gain
access to the local filesystem.

Solution

  • Upgrade to phpAdsNew or phpPgAds 2.0.6.

References

http://www.pine.nl/

Contact informations

The security contact for phpAdsNew and phpPgAds can be reached at:
<security AT phpadsnew DOT com>

Best regards

Matteo Beccati
http://phpadsnew.com/
http://phppgads.com/

JSON