Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Vista
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
Jul 25 2008 03:13PM
azzcoder hotmail com
##############################################################
XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)
Author: AzzCoder [azzcoder (at) hotmail (dot) com [email concealed]]
Product: http://www.xrms.org/
Product Type: CRM
Thanks: coresecurity.com
Remote File Inclusion
File: activities/workflow-activities.php
Variable: $include_directory
Required register_globals: Yes
XSS
Multiple Files
Variable: $msg
Quote limitations: Yes
Information Gathering
tests/info.php
phpinfo() call
##############################################################
# milw0rm.com [2008-07-25]
[ reply ]
Privacy Statement
Copyright 2008, SecurityFocus
XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)
Author: AzzCoder [azzcoder (at) hotmail (dot) com [email concealed]]
Product: http://www.xrms.org/
Product Type: CRM
Thanks: coresecurity.com
Remote File Inclusion
File: activities/workflow-activities.php
Variable: $include_directory
Required register_globals: Yes
XSS
Multiple Files
Variable: $msg
Quote limitations: Yes
Information Gathering
tests/info.php
phpinfo() call
##############################################################
# milw0rm.com [2008-07-25]
[ reply ]