[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
From: azzcoder@xxxxxxxxxxx
Date: 25 Jul 2008 15:13:03 -0000

##############################################################

XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)
Author: AzzCoder [azzcoder@xxxxxxxxxxx]
Product: http://www.xrms.org/
Product Type: CRM
Thanks: coresecurity.com

Remote File Inclusion
        File: activities/workflow-activities.php
        Variable: $include_directory
        Required register_globals: Yes

XSS
        Multiple Files
        Variable: $msg
        Quote limitations: Yes

Information Gathering
        tests/info.php
        phpinfo() call

##############################################################

# milw0rm.com [2008-07-25]

Prev by Date: Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow
Next by Date: ezContents CMS Renote File inclusion
Previous by thread: Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow
Next by thread: ezContents CMS Renote File inclusion
Index(es):
- Date
- Thread