Lucene search
K

3 matches found

seebug.org
seebug.org
added 2006/11/04 12:0 a.m.44 views

Kayako eSupport autoclose.php远程文件包含漏洞

Kayako eSupport是基于Web的后台技术支持应用程序。 Kayako eSupport对用户请求的处理上存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 Kayako eSupport的esupport/admin/autoclose.php脚本没有正确的过滤subd变量参数的输入,允许攻击者通过包含本地或外部资源导致执行任意代码。 相关的漏洞代码如下: requireonce $subd . "functions.php"; Kayako eSupport = 2.3.1 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/08/03 12:0 a.m.54 views

Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion Vulnerability:

Script: Kayako eSupport = 2.3.1 Vendor: Kayako www.kayako.com Discovered: beford xbefordx gmail com Comments: It seems like the vendor silently fixed the issue in the current version more like since v2.3.5 withouth warning users of previous versions, noobs. Requires that "registerglobals" is...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2006/08/02 12:0 a.m.54 views

Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion Vulnerability

No description provided by source. Script: Kayako eSupport = 2.3.1 Vendor: Kayako www.kayako.com Discovered: beford xbefordx gmail com Comments: It seems like the vendor silently fixed the issue in the current version more like since v2.3.5 withouth warning users of previous versions, noobs...

7.1AI score
Exploits0
Rows per page
Query Builder