|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 17.03.2008 | | Source: |  | | | SecurityVulns ID: |  | 8790 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Snewscms Rus 2.3: crossite scripting |
| Affected: |  | HORDE : Horde 3.0 | | | | SMARTY : Smarty 2.6 | | | | WML : wml 2.0 | | | | SNEWSCMS : SnewsCMS Rus 2.3 | | | | EASYCALENDAR : EasyCalendar 4.0 | | | | MULTIPLETIMESHEE : Mutiple Timesheets 5.0 | | CVE: |  | CVE-2008-1284 (Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name.) | | | | CVE-2008-1066 (The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.) | | | | CVE-2008-0666 (Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.) | | | | CVE-2008-0665 (wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.) |
|
|
|
|
|
