Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Sitemap

CVE-2008-1609 (jaf_cms)
BugsAlert Home > CVE-2008-1609 (jaf_cms)
 
 

Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir parameter to forum/forum.php. NOTE: other main_dir vectors are already covered by CVE-2006-7127.




Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1609

Learn more about CVE-2008-1609 (jaf_cms)
 
Tags: cve-2008-1609 jaf cms

Related Items
      rPath update for tetex

      SuSE: OpenOffice_org (SUSE-SA:2008:023)

      FrSIRT - Debian Security Update Fixes Cacti Input Validation Vulnerabilities

      Vuln: Microsoft XML Core Services Race Condition Memory Corruption Vulnerability

      PE_PARITE.A

      CVE-2007-6254 (Business Objects)

      FrSIRT - Mandriva Security Update Fixes PCRE Code Execution Vulnerabilities

 
© 2007-2008 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel