Vulnerability CVE-2005-0870


Published: 2005-05-02   Modified: 2012-02-12

Description:
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
phpSysInfo 2.3 Multiple vulnerabilities
Maksymilian Arci...
30.09.2005

Vendor: Phpsysinfo
Product: Phpsysinfo 
Version: 2.3;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://xforce.iss.net/xforce/xfdb/19807
http://www.debian.org/security/2005/dsa-724
http://secunia.com/advisories/14690/
http://marc.theaimsgroup.com/?l=bugtraq&m=111161017209422&w=2
http://www.securityfocus.com/bid/15414
http://www.securityfocus.com/bid/12887
http://www.securityfocus.com/archive/1/416543
http://www.mandriva.com/security/advisories?name=MDKSA-2005:212
http://www.debian.org/security/2005/dsa-899
http://www.debian.org/security/2005/dsa-898
http://www.debian.org/security/2005/dsa-897
http://secunia.com/advisories/17643
http://secunia.com/advisories/17616
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=301118

Related CVE
CVE-2007-4048
Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2006-3360
Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different e...
CVE-2005-3348
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in th...
CVE-2005-0869
phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to (1) class.OpenBSD.inc.php, (2) class.NetBSD.inc.php, (3) class.FreeBSD.inc.php, (4) class.Darwin.inc.php, (5) XPath.class.php, (6) system_header.php, or (7...
CVE-2003-0536
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng par...

Copyright 2019, cxsecurity.com

 

Back to Top