 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.100050 |
| Categoría: | Web application abuses |
| Título: | Dagger RFI Vulnerability (Mar 2009) - Active Check |
| Resumen: | Dagger is prone to a remote file include (RFI) vulnerability; because it fails to sufficiently sanitize user-supplied data. |
| Descripción: | Summary: Dagger is prone to a remote file include (RFI) vulnerability because it fails to sufficiently sanitize user-supplied data. Vulnerability Impact: An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system. Other attacks are also possible. Solution: Vendor updates are available. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-6635 BugTraq ID: 29906 http://www.securityfocus.com/bid/29906 https://www.exploit-db.com/exploits/5916 http://secunia.com/advisories/30771 XForce ISS Database: daggercms-default-file-include(43304) https://exchange.xforce.ibmcloud.com/vulnerabilities/43304 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |