Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Recent | Sitemap

CVE-2007-6396 (Flat PHP Board)
BugsAlert Home > CVE-2007-6396 (Flat PHP Board)
 
 

Direct static code injection vulnerability in index.php in Flat PHP Board 1.2 and earlier allows remote attackers to inject arbitrary PHP code via the (1) username, (2) password, and (3) email parameters when registering a user account, which can be executed by accessing the user's php file for this account. NOTE: similar code injection might be possible in a user profile.




Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6396

Learn more about CVE-2007-6396 (Flat PHP Board)
 
Tags: cve-2007-6396 flat php board

Related Items
      VLC Activex Bad Pointer Initialization Vulnerability

      CVE-2008-5117 (java_system_identity_manager)

      Vuln: ClamAV 'get_unicode_name()' Off-By-One Heap Based Buffer Overflow Vulnerability

      CVE-2008-4686 (vlc_media_player)

      John Slater: The People Have Spoken?

      FrSIRT - rPath Security Update Fixes CUPS Integer Overflow Vulnerability

      MS07-068 - Critical: Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) - Version:2.3

 
© 2007-2009 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel