Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.03.2007
Source:
SecurityVulns ID:7479
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:VIEWVC : ViewVC 1.0
 FLEXBB : FlexBB 1.0
 REALINK : C-Arbre 0.6
 VIEWCVS : ViewCVS 1.0
 ICEBB : IceBB 1.0
 PHPNUKE : Addressbook 1.2 module for PHP-Nuke
 CICOANDCICO : CcMail 1.0
CVE:CVE-2007-1729 (SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbb_lang_id COOKIE parameter to index.php.)
 CVE-2007-1726 (Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to upload arbitrary files via the avatar function, which can later be accessed in uploads/.)
 CVE-2007-1725 (SQL injection vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to execute arbitrary SQL commands via the filename of an uploaded file to the avatar function, as demonstrated by setting admin privileges.)
 CVE-2007-1721 (Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) Richtxt_functions.inc.php, (2) adddocfile.php, (3) auth_check.php, (4) browse_current_category.inc.php, (5) docfile_details.php, (6) main.php, (7) mainarticle.php, (8) maindocfile.php, (9) modify.php, (10) new.php, (11) resource_details.php, or (12) smallsearch.php in lib/; or (13) mwiki/LocalSettings.php.)
 CVE-2007-1720 (Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file.)
 CVE-2007-1516 (PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the functions_dir parameter.)
 CVE-2005-4831 (viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting (XSS) and other attacks, as demonstrated using (1) "text/html", or (2) "image/jpeg" with an image that is rendered as HTML by Internet Explorer, a different vulnerability than CVE-2004-1062. NOTE: it was later reported that 0.9.4 is also affected.)
 CVE-2004-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages.)
Original documentdocumentMoritz Naumann, Update: ViewCVS and ViewVC 'checkout view' content type fixation issue (28.03.2007)
 documenterdc_(at)_echo.or.id, [ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability (28.03.2007)
 documentalireza hassani, [KAPDA::#64] - Flexbb Sql Injection (28.03.2007)
Files:PHP-Nuke Module Addressbook 1.2 Local File Inclusion Exploit
 IceBB 1.0-rc5 Remote Create Admin Exploit
 IceBB 1.0-rc5 Remote Code Execution Exploit
 CcMail 1.0 Remote File Inclusion Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod