Comdev CSV Importer ‘include.php’PHP远程文件包含漏洞

漏洞信息详情

Comdev CSV Importer ‘include.php’PHP远程文件包含漏洞

• CNNVD编号：CNNVD-200610-037
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2006-5101
  
• 漏洞类型：
  
  
  代码注入
  
• 发布时间：
  
  2006-10-03
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-10-16
  
• 厂        商：
  
  comdev
• 漏洞来源：

Comdev CSV Importer 3.1可能还有4.1的include.php中存在PHP远程文件包含漏洞(用在(1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1和 (12) Comdev eCommerce 3.1中)，远程攻击者可以通过path[docroot]参数中的URL执行任意PHP代码。

来源: BUGTRAQ

名称: 20060927 Comdev Events Calendar 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447213/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Newsletter 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447209/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Guestbook 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447207/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev FAQ Support 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447201/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev eCommerce 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447194/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Web Blogger 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447193/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Contact Form 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447192/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev News Publisher 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447190/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Customer Helpdesk 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447188/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Photo Gallery 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447187/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Vote Caster 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447186/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev Links Directory 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447185/100/0/threaded

来源: BUGTRAQ

名称: 20060927 Comdev CSV Importer 3.1 🙂 <= Remote File Inclusion

链接:http://www.securityfocus.com/archive/1/archive/1/447184/100/0/threaded

来源: OSVDB

名称: 29311

链接:http://www.osvdb.org/29311

来源: OSVDB

名称: 29310

链接:http://www.osvdb.org/29310

来源: OSVDB

名称: 29309

链接:http://www.osvdb.org/29309

来源: OSVDB

名称: 29308

链接:http://www.osvdb.org/29308

来源: OSVDB

名称: 29307

链接:http://www.osvdb.org/29307

来源: OSVDB

名称: 29306

链接:http://www.osvdb.org/29306

来源: OSVDB

名称: 29305

链接:http://www.osvdb.org/29305

来源: OSVDB

名称: 29304

链接:http://www.osvdb.org/29304

来源: OSVDB

名称: 29303

链接:http://www.osvdb.org/29303

来源: OSVDB

名称: 29302

链接:http://www.osvdb.org/29302

来源: OSVDB

名称: 29301

链接:http://www.osvdb.org/29301

来源: OSVDB

名称: 29300

链接:http://www.osvdb.org/29300

来源: OSVDB

名称: 29299

链接:http://www.osvdb.org/29299

来源: VUPEN

名称: ADV-2006-3815

链接:http://www.frsirt.com/english/advisories/2006/3815

来源: VUPEN

名称: ADV-2006-3814

链接:http://www.frsirt.com/english/advisories/2006/3814

来源: VUPEN

名称: ADV-2006-3813

链接:http://www.frsirt.com/english/advisories/2006/3813

来源: VUPEN

名称: ADV-2006-3812

链接:http://www.frsirt.com/english/advisories/2006/3812

来源: VUPEN

名称: ADV-2006-3811

链接:http://www.frsirt.com/english/advisories/2006/3811

来源: VUPEN

名称: ADV-2006-3810

链接:http://www.frsirt.com/english/advisories/2006/3810

来源: VUPEN

名称: ADV-2006-3809

链接:http://www.frsirt.com/english/advisories/2006/3809

来源: VUPEN

名称: ADV-2006-3808

链接:http://www.frsirt.com/english/advisories/2006/3808

来源: VUPEN

名称: ADV-2006-3807

链接:http://www.frsirt.com/english/advisories/2006/3807

来源: VUPEN

名称: ADV-2006-3806

链接:http://www.frsirt.com/english/advisories/2006/3806

来源: VUPEN

名称: ADV-2006-3805

链接:http://www.frsirt.com/english/advisories/2006/3805

来源: VUPEN

名称: ADV-2006-3804

链接:http://www.frsirt.com/english/advisories/2006/3804

来源: VUPEN

名称: ADV-2006-3803

链接:http://www.frsirt.com/english/advisories/2006/3803

来源: SECUNIA

名称: 22169

链接:http://secunia.com/advisories/22169

来源: SECUNIA

名称: 22168

链接:http://secunia.com/advisories/22168

来源: S