DropAFew editlogcal.php id Variable Arbitrary User Information Disclosure

2007-04-10T09:04:03
ID OSVDB:34924
Type osvdb
Reporter OSVDB
Modified 2007-04-10T09:04:03

Description

Solution Description

Upgrade to version 0.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.dropafew.com/ Vendor Specific News/Changelog Entry: http://www.dropafew.com/sphpblog/index.php?entry=entry070403-224437 Secunia Advisory ID:24861 Related OSVDB ID: 34922 Related OSVDB ID: 34923 Related OSVDB ID: 34921 Related OSVDB ID: 34925 Related OSVDB ID: 34926 Other Advisory URL: https://www.cynops.de/advisories/CVE-2007-1363.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0355.html ISS X-Force ID: 33561 CVE-2007-1364 Bugtraq ID: 23400