Web application abuses : phpAdsNew Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.17335

Categoría: Web application abuses

Título: phpAdsNew Multiple Vulnerabilities

Resumen: phpAdsNew is an open-source ad server, with an integrated banner; management interface and tracking system for gathering statistics. With phpAdsNew you can easily; rotate paid banners and your own in-house advertisements. You can even integrate banners from; third party advertising companies.;; The product has been found to contain two vulnerabilities:;; * Path disclosure vulnerability;; * Cross Site Scripting

Descripción: Summary:
phpAdsNew is an open-source ad server, with an integrated banner
management interface and tracking system for gathering statistics. With phpAdsNew you can easily
rotate paid banners and your own in-house advertisements. You can even integrate banners from
third party advertising companies.

The product has been found to contain two vulnerabilities:

* Path disclosure vulnerability

* Cross Site Scripting

Vulnerability Impact:
An attacker may use the cross site scripting bug to perform phishing
attacks.

Solution:
No known solution was made available for at least one year since the disclosure of this vulnerability.
Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the
product or replace the product by another one.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0791
BugTraq ID: 12803
http://www.securityfocus.com/bid/12803
Bugtraq: 20050314 [SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9 (Google Search)
http://marc.info/?l=bugtraq&m=111083286926490&w=2
http://securityreason.com/adv/%5BphpAdsNew%202.0.4-pr1%20Multiple%20vulnerabilities%20cXIb8O3.9%5D.asc
http://www.osvdb.org/14787
http://securitytracker.com/id?1013429
http://secunia.com/advisories/14592
XForce ISS Database: phpadsnew-phpini-xss(19692)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19692

Copyright Copyright (C) 2005 Noam Rathaus

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.17335
Categoría:	Web application abuses
Título:	phpAdsNew Multiple Vulnerabilities
Resumen:	phpAdsNew is an open-source ad server, with an integrated banner; management interface and tracking system for gathering statistics. With phpAdsNew you can easily; rotate paid banners and your own in-house advertisements. You can even integrate banners from; third party advertising companies.;; The product has been found to contain two vulnerabilities:;; * Path disclosure vulnerability;; * Cross Site Scripting
Descripción:	Summary: phpAdsNew is an open-source ad server, with an integrated banner management interface and tracking system for gathering statistics. With phpAdsNew you can easily rotate paid banners and your own in-house advertisements. You can even integrate banners from third party advertising companies. The product has been found to contain two vulnerabilities: * Path disclosure vulnerability * Cross Site Scripting Vulnerability Impact: An attacker may use the cross site scripting bug to perform phishing attacks. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0791 BugTraq ID: 12803 http://www.securityfocus.com/bid/12803 Bugtraq: 20050314 [SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9 (Google Search) http://marc.info/?l=bugtraq&m=111083286926490&w=2 http://securityreason.com/adv/%5BphpAdsNew%202.0.4-pr1%20Multiple%20vulnerabilities%20cXIb8O3.9%5D.asc http://www.osvdb.org/14787 http://securitytracker.com/id?1013429 http://secunia.com/advisories/14592 XForce ISS Database: phpadsnew-phpini-xss(19692) https://exchange.xforce.ibmcloud.com/vulnerabilities/19692
Copyright	Copyright (C) 2005 Noam Rathaus