|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses >> PBLang BBS <= 4.65 Multiple Vulnerabilities Vulnerability Assessment Details
|
PBLang BBS <= 4.65 Multiple Vulnerabilities |
||
Checks for multiple vulnerabilities in PBLang BBS <= 4.65 Detailed Explanation for this Vulnerability Assessment Summary : The remote web server contains a PHP application that suffers from multiple flaws. Description : According to its banner, the remote host is running a version of PBLang BBS, a bulletin board system written in PHP, that suffers from the following vulnerabilities: - HTML Injection Vulnerability in pmpshow.php. A possible hacker can inject arbitrary HTML and script into the body of PMs sent to users permiting for theft of authentication cookies or misrepresentation of the site. - Cross-Site Scripting Vulnerability in search.php. If a possible hacker can trick a user into following a specially crafted link to search.php from an affected version of PBLang, he can inject arbitrary script into the user's browser to, say, steal authentication cookies. - Remote PHP Script Injection Vulnerability in ucp.php. PBLang permits a user to enter a PHP script into his/her profile values, to be executed with the permissions of the web server user whenever the user logs in. - Directory Traversal Vulnerability in sendpm.php. A logged-in user can read arbitrary files, subject to permissions of the web server user, by passing full pathnames through the 'orig' parameter when calling sendpm.php. - Arbitrary Personal Message Deletion Vulnerability in delpm.php. A logged-in user can delete anyone's personal messages by passing a PM id through the 'id' parameter and a username through the 'a' parameter when calling delpm.php. See also : http://archives.neohapsis.com/archives/bugtraq/2005-02/0406.html http://archives.neohapsis.com/archives/bugtraq/2005-02/0407.html http://archives.neohapsis.com/archives/bugtraq/2005-03/0015.html http://archives.neohapsis.com/archives/bugtraq/2005-03/0019.html http://www.nessus.org/u?a6808b6a Solution : Upgrade to PBLang 4.66z or later. Network Security Threat Level: Low / CVSS Base Score : 2 (AV:R/AC:H/Au:NR/C:N/A:N/I:P/B:N) Networks Security ID: 12631, 12633, 12666, 12690, 12694 Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2007 Tenable Network Security |
||
Cables, Connectors |
$599.99
Dell Precision T3600 | Xeon E5 | 16GB | GPU | 128GB SSD | Win 10 Pro
$115.00
$80.00
Intel Xeon E5-2680 v4 2.4GHz 35MB 14-Core 120W LGA2011-3 SR2N7
$17.99
Intel Xeon Gold 6140 SR3AX 2.3GHz 18-Core Processor CPU
$44.99
HP Z4G4 Intel Xeon W2133-3.6 GHz, 256 NVME, 6TB HDD, 32GB RAM P620 NO OS
$265.00
Intel Xeon E5-2697A V4 2.6GHz CPU Processor 16-Core Socket LGA2011 SR2K1
$39.99
Intel Xeon E5-2697 v2 2.7GHz 30M 12-Core LGA2011 CPU Processor SR19H
$27.99
DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45
$274.00
|
||
No Discussions have been posted on this vulnerability. |