IT Security - Tips, Trends, News: CAN-2005-2699 (PHPKIT)

Wednesday, August 31, 2005

CAN-2005-2699 (PHPKIT)

admin/admin.php in PHPKit 1.6.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a .php file to the content/images/ directory using images.php. NOTE: if a PHPKit administrator must already have access to the end system to install or modify configuration of the product, then this issue might not cross privilege boundaries, and should not be included in CVE. more...

NetClarity - Preemptive, Proactive Protection.
Originally Posted on 8/31/2005 10:10:34 PMContent source: http://nvd.nist.gov/nvd.cfm?cvename=CAN-2005-2699

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home

About

Always up to date information on network security, vulnerability management, hackers, viruses and worms - oh my! And, what you can do about them. Keep any eye out against intruders, malicious insiders, hackers, rogue wireless and much more, here at my blogspot.

: Name: NetClarity; Location: Bedford, Massachusetts, United States

Gary S. Miliefsky is a regular contributor to Hakin9 Magazine. He is the founder and Chief Technology Officer (CTO) of NetClarity, Inc, where he can be found at http:// www.netclarity.net. He is a 20+ year information security veteran and computer scientist. He is a member of ISC2.org, CISSP® and Advisory Board of the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), serves on the advisory board of MITRE on the CVE Program (http://CVE.mitre.org) and is a founding Board member of the National Information Security Group (http:// www.NAISG.org).

View my complete profile

IT Security - Tips, Trends, News

Wednesday, August 31, 2005

CAN-2005-2699 (PHPKIT)

0 Comments:

About

About Me

Previous