Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 25.06.2009
Published:		26.06.2009
Source:
SecurityVulns ID:		10012
Type:		remote
Threat Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		SMARTY : Smarty 2.6
		PHPMYADMIN : phpMyAdmin 2.11
		ALUMNISERVER : AlumniServer 1.0
		PHPMYADMIN : phpMyAdmin 3.1
CVE:		CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information.)
		CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information.)
		CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.)
		CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.)

Original document		DEBIAN, [SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities (26.06.2009)
		y3nh4ck3r_(at)_gmail.com, SQL INJECTION VULNERABILITY --AlumniServer v-1.0.1--> (26.06.2009)
		y3nh4ck3r_(at)_gmail.com, (POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1--> (25.06.2009)
		UBUNTU, [USN-791-3] Smarty vulnerability (25.06.2009)

Files: