|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses >> phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion Vulnerability Vulnerability Assessment Details
|
phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion Vulnerability |
||
Check if phpDocumentor is vulnerable to remote file inclusion flaws Detailed Explanation for this Vulnerability Assessment Summary : The remote web server contains a PHP script that is prone to file inclusion flaws. Description : phpDocumentor is a automatic documentation generator for PHP. The remote host appears to be running the web-interface of phpDocumentor. This version does not properly sanitize user input in the 'file_dialog.php' file and a test file called 'bug-559668.php' It is possible for a possible hacker to include remote files and execute arbitrary commands on the remote system, and display the content of sensitive files. This flaw is exploitable if PHP's 'register_globals' setting is enabled. See also : http://retrogod.altervista.org/phpdocumentor_130rc4_incl_expl.html http://marc.theaimsgroup.com/?l=bugtraq&m=113587730223824&w=2 Solution : Disable PHP's 'register_globals' setting. Network Security Threat Level: High / CVSS Base Score : 7.0 (AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Networks Security ID: 16080 Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Ferdy Riphagen |
||
Cables, Connectors |
Vintage 5362 IBM System/36 Mini-Computer Mainframe 5291 2, CRT Terminal DM12N501
$249.99
Magitronic Quad Speed Creative
$150.00
Vintage Hewlett Packard HP 2100S Microprogrammable Computer System Mainframe #2
$1499.99
VINTAGE IBM Type 4869 External 5 1/4" ~ Floppy Disk Drive Mainframe ~
$159.99
IBM Type 4869 External 5 1/4in Floppy Disk Drive Mainframe Collection - UNTESTED
$75.00
Lot of 2 Vintage DEC Digital Computer Mainframe VT100 Keyboards Untested
$239.99
IBM 3390 DASD Hard Drive 10.8” from Vintage Mainframe
$325.00
Vintage Silicon Graphics SGI Indy B006 Workstation Computer
$149.95
S300 Chassis Portable ITX Portable TYPECmini Desktop Computer Mainframe Chassis
$199.79
Sage MAS 90 Software for Windows Financial Reporting Mainframe Collection
$360.99
|
||
No Discussions have been posted on this vulnerability. |