Test ID: 1.3.6.1.4.1.25623.1.0.80074
Category: Web application abuses
Title: myEvent Multiple Remote Vulnerabilities
Summary: myEvent is prone to multiple vulnerabilities.

Description:

Summary: myEvent is prone to multiple vulnerabilities.

Vulnerability Insight: The installed version of myEvent fails to sanitize user input to the 'myevent_path' parameter in several scripts before using it to include PHP code from other files. An unauthenticated attacker may be able to read arbitrary local files or include a file from a remote host that contains commands which will be executed on the remote host, subject to the privileges of the web server process.

In addition, user input to the 'event_id' parameter in 'addevent.php' and 'del.php', and to the 'event_desc' parameter in 'addevent.php', is not properly sanitized before being used in a SQL query, which may allow an attacker to insert arbitrary SQL statements into the remote database.

A similar lack of sanitization involving the 'event_desc' parameter of 'addevent.php' allows cross-site scripting attacks against the affected application.

These flaws are exploitable only if PHP's register_globals is enabled.

Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable the respective features, remove the product, or replace the product with another one.

CVSS Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-references:

CVE-2006-1890
- BugTraq ID 17575: http://www.securityfocus.com/bid/17575
- Bugtraq posting 20060416, "MyEvent Remote File Execution And XSS Attacking": http://www.securityfocus.com/archive/1/431125/100/0/threaded
- http://www.osvdb.org/24722
- http://www.osvdb.org/24723
- http://securitytracker.com/id?1016616
- http://secunia.com/advisories/19680
- http://securityreason.com/securityalert/726
- http://securityreason.com/securityalert/767
- http://www.vupen.com/english/advisories/2006/1384
- X-Force ISS Database: myevent-event-initialize-file-include(25882): https://exchange.xforce.ibmcloud.com/vulnerabilities/25882
- X-Force ISS Database: myevent-myevent-file-include(28347): https://exchange.xforce.ibmcloud.com/vulnerabilities/28347

CVE-2006-1907
- http://www.osvdb.org/24720
- http://www.osvdb.org/24721
- X-Force ISS Database: myevent-addevent-del-sql-injection(25886): https://exchange.xforce.ibmcloud.com/vulnerabilities/25886

CVE-2006-1908
- http://www.osvdb.org/24719
- X-Force ISS Database: myevent-addevent-xss(25885): https://exchange.xforce.ibmcloud.com/vulnerabilities/25885

Copyright: Copyright (C) 2008 Josh Zlatin-Amishav

This is only one of 146377 vulnerability tests in our test suite. Find out more about how to run a complete security audit. To run a free test of this vulnerability against your system, register now.