CGI abuses : phpWebThings <= 1.4 Patched Multiple vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56829

Categoría: CGI abuses

Título: phpWebThings <= 1.4 Patched Multiple vulnerabilities

Resumen: NOSUMMARY

Descripción: Description:

The remote host is running phpWebThings, which according to its version
number, is likely vulnerable to multiple SQL injection attacks as well
as cross site scripting attacks. Versions 1.4 are affected by all of
the above problems, while version 1.4 patched is reportedly vulnerable
to SQL injection vulnerabilities.

Solution : Upgrade to a later version when one is available.

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 15399
BugTraq ID: 15465
BugTraq ID: 15276
Common Vulnerability Exposure (CVE) ID: CVE-2005-3676
http://www.securityfocus.com/bid/15399/
Bugtraq: 20051111 SQL injection in phpWebThing 1.4.4 (Google Search)
http://marc.info/?l=bugtraq&m=113198898514200&w=2
http://www.osvdb.org/20945
http://www.vupen.com/english/advisories/2005/2860
XForce ISS Database: phpwebthings-download-sql-injection(23047)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23047
Common Vulnerability Exposure (CVE) ID: CVE-2005-4218
http://www.securityfocus.com/bid/15465
https://www.exploit-db.com/exploits/1324
http://rgod.altervista.org/phpwebth14_xpl.html
Common Vulnerability Exposure (CVE) ID: CVE-2005-4226
Bugtraq: 20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/419280/100/0/threaded
http://www.securityfocus.com/archive/1/419487/100/0/threaded
http://glide.stanford.edu/yichen/research/sec.pdf
http://www.osvdb.org/21650
http://www.osvdb.org/21651
http://www.osvdb.org/21652
http://www.osvdb.org/21653
http://www.osvdb.org/21654
http://www.osvdb.org/21655
http://www.osvdb.org/21656
http://secunia.com/advisories/18011/
XForce ISS Database: phpwebthings-download-ref-sql-injection(23565)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23565
Common Vulnerability Exposure (CVE) ID: CVE-2005-3585
BugTraq ID: 15277
http://www.securityfocus.com/bid/15277
Bugtraq: 20051105 XSS & SQL injection in phpWebThing (Google Search)
http://marc.info/?l=bugtraq&m=113122187101383&w=2
http://www.osvdb.org/20441
http://secunia.com/advisories/17410/
XForce ISS Database: phpwebthings-forum-sql-injection(22972)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22972
Common Vulnerability Exposure (CVE) ID: CVE-2005-3584
http://www.securityfocus.com/bid/15276

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56829
Categoría:	CGI abuses
Título:	phpWebThings <= 1.4 Patched Multiple vulnerabilities
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running phpWebThings, which according to its version number, is likely vulnerable to multiple SQL injection attacks as well as cross site scripting attacks. Versions 1.4 are affected by all of the above problems, while version 1.4 patched is reportedly vulnerable to SQL injection vulnerabilities. Solution : Upgrade to a later version when one is available. Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 15399 BugTraq ID: 15465 BugTraq ID: 15276 Common Vulnerability Exposure (CVE) ID: CVE-2005-3676 http://www.securityfocus.com/bid/15399/ Bugtraq: 20051111 SQL injection in phpWebThing 1.4.4 (Google Search) http://marc.info/?l=bugtraq&m=113198898514200&w=2 http://www.osvdb.org/20945 http://www.vupen.com/english/advisories/2005/2860 XForce ISS Database: phpwebthings-download-sql-injection(23047) https://exchange.xforce.ibmcloud.com/vulnerabilities/23047 Common Vulnerability Exposure (CVE) ID: CVE-2005-4218 http://www.securityfocus.com/bid/15465 https://www.exploit-db.com/exploits/1324 http://rgod.altervista.org/phpwebth14_xpl.html Common Vulnerability Exposure (CVE) ID: CVE-2005-4226 Bugtraq: 20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/419280/100/0/threaded http://www.securityfocus.com/archive/1/419487/100/0/threaded http://glide.stanford.edu/yichen/research/sec.pdf http://www.osvdb.org/21650 http://www.osvdb.org/21651 http://www.osvdb.org/21652 http://www.osvdb.org/21653 http://www.osvdb.org/21654 http://www.osvdb.org/21655 http://www.osvdb.org/21656 http://secunia.com/advisories/18011/ XForce ISS Database: phpwebthings-download-ref-sql-injection(23565) https://exchange.xforce.ibmcloud.com/vulnerabilities/23565 Common Vulnerability Exposure (CVE) ID: CVE-2005-3585 BugTraq ID: 15277 http://www.securityfocus.com/bid/15277 Bugtraq: 20051105 XSS & SQL injection in phpWebThing (Google Search) http://marc.info/?l=bugtraq&m=113122187101383&w=2 http://www.osvdb.org/20441 http://secunia.com/advisories/17410/ XForce ISS Database: phpwebthings-forum-sql-injection(22972) https://exchange.xforce.ibmcloud.com/vulnerabilities/22972 Common Vulnerability Exposure (CVE) ID: CVE-2005-3584 http://www.securityfocus.com/bid/15276
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com