 |
|
|
|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 08.09.2006 | | Source: |  | | | SecurityVulns ID: |  | 6594 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | FANTASTICNEWS : Fantastic News 2.1 | | | | MKPORTAL : MKPortal 1.1 | | | | SOMERY : Somery 0.4 | | | | BLOGCMS : BLOG:CMS 4.1 | | | | BINGOPHPNEWS : BinGoPHP News 3.01 | | | | DOKUWIKI : DokuWiki 2006-03-09 | | | | PHPFUSION : PHPFusion 6.01 | | | | ACKERTODO : AckerTodo 4.0 | | | | RUNCMS : RunCMS 1.4 | | | | WMNEWS : WM-News 0.5 | | | | PHOTOKORN : photokorn 1.52 | | CVE: |  | CVE-2007-0704 (PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.) | | | | CVE-2007-0145 (PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649.) | | | | CVE-2006-7006 (** DISPUTED ** PHP remote file inclusion vulnerability in upload/admin/team.php in Robin de Graff Somery 0.4.4 allows remote attackers to execute arbitrary PHP code via a URL in the checkauth parameter. NOTE: CVE disputes this vulnerability because the checkauth parameter is only used in conditionals.) | | | | CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.) | | | | CVE-2006-4669 (PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter.) | | | | CVE-2006-4649 (PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.) | | | | CVE-2006-4648 (PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.) |
| Original document |  | SECUNIA, [SA21807] Fantastic News "CONFIG[script_path]" File Inclusion Vulnerabilities (08.09.2006) |
| | | SECUNIA, [SA21796] photokorn "dir_path" File Inclusion Vulnerabilities (08.09.2006) |
| | | SOMERY, [SA21825] Somery "skindir" File Inclusion Vulnerability (08.09.2006) |
| | | erne_(at)_ernealizm.com, WM-News v0.5 - Remote File Include Vulnerabilities (08.09.2006) |
| | | Omid, Sql injection in RunCMS (08.09.2006) |
| | | viz.security_(at)_gmail.com, XSS in AckerTodo v4.0 (08.09.2006) |
| | | Kw3rLn, BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability (08.09.2006) |
Multiple PHP scripting language security vulnerabilities
updated since 18.08.2006 | | Published: | | 08.09.2006 | | Source: | | PHP | | SecurityVulns ID: | | 6515 | | Type: | | library | | Level: | | 6/10 | | Description: | | "file_exists()", "imap_open()", and "imap_reopen()" function and cURL extension safe mode restriction bypass, buffer overflows in different functions on 64-bit systems, buffer overflow in GD extension on GIFs processing, stripos() out-of-memory reading, Incorrect memory_limit restrictions on 64-bit systems. Buffer overflow in LWZReadByte(). |
| |
|
| |
