phpTodo Unspecified Regular Expression Newline Injection

2007-04-07T14:45:15
ID OSVDB:35284
Type osvdb
Reporter OSVDB
Modified 2007-04-07T14:45:15

Description

Solution Description

Upgrade to version 0.8.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://phptodo.godshell.com/ Vendor Specific News/Changelog Entry: http://phptodo.godshell.com/ChangeLog Vendor Specific Advisory URL FrSIRT Advisory: ADV-2007-1774 CVE-2007-2636