Target:
Phorum 3.3.2a (maybee older)
Description:
Phorum 3.3.2a let's remote users execute arbitary code
Found by:
Markus Arndt[EMAIL PROTECTED]
Vendor:
http://www.phorum.org
Notified Vendor:
Yes, already fixed in 3.3.2b
Details:
Another bug for remote command execution.
This time it's
Target:
Phorum 3.3.2a (prior versions?)
Description:
In Phorum 3.3.2a (a bulletin board) there's a security flaw that lets remote users
include external php scripts and execute arbitary code.
Found by:
Markus Arndt[EMAIL PROTECTED]
Vendor:
http://www.phorum.org
Notified Vendor:
Yes, already
the bug by selecting the pic's properties in the context menu.
Maybee somebody finds out more..
Markus Arndt[EMAIL PROTECTED]
Keine verlorenen Lotto-Quittungen, keine vergessenen Gewinne mehr!
Beim WEB.DE Lottoservice: http://tippen2
Target:
Philip Chinery's Guestbook 1.1 (maybee older versions?)
Vendor:
http://www.sector7g.de.vu
Notified Vendor:
Sure
Affected Systems:
Webservers that run Philip Chinery's Guestbook 1.1
Found by:
Markus Arndt[EMAIL PROTECTED]
Short Description:
Philip Chinery's Guestbook 1.1 fails