xrms-rfixss.txt

2008-07-25T00:00:00
ID PACKETSTORM:68495
Type packetstorm
Reporter AzzCoder
Modified 2008-07-25T00:00:00

Description

                                        
                                            `##############################################################  
  
XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)  
Author: AzzCoder [azzcoder@hotmail.com]  
Product: http://www.xrms.org/  
Product Type: CRM  
Thanks: coresecurity.com  
  
Remote File Inclusion  
File: activities/workflow-activities.php  
Variable: $include_directory  
Required register_globals: Yes  
  
XSS  
Multiple Files  
Variable: $msg  
Quote limitations: Yes  
  
Information Gathering  
tests/info.php  
phpinfo() call  
  
############################  
`