SUSE CVE-2007-5641

Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter to 1 certinfo/index.php, 2 emails/index.php, 3 events/index.php, 4 fax/index.php, 5 files/index.php, 6...

SuSE9 Security Update : Tomcat (YOU Patch Number 12078)

Fixed various issues in tomcat : - modjk directory traversal. CVE-2007-1860 - Handling of cookies containing a ' character. CVE-2007-3382 - Handling of a double-quote character in cookies. CVE-2007-3385 - tomcat path traversal / information leak. CVE-2007-5641 - tomcat HTTP Request Smuggling...

openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4992)

Fixed various issues in tomcat : - CVE-2006-7196: Cross-site scripting XSS vulnerability in example JSP applications - CVE-2007-3382: Handling of cookies containing a ' character - CVE-2007-3385: Handling of ' in cookies - CVE-2007-5641: tomcat path traversal / information leak - CVE-2007-1860:...

SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 4990)

Cross-site scripting XSS vulnerability in example JSP applications. CVE-2006-7196 - Handling of cookies containing a ' character. CVE-2007-3382 - Handling of ' in cookies. CVE-2007-3385 - tomcat path traversal / information leak. CVE-2007-5641 - directory traversal. CVE-2007-1860 - tomcat https...

Immunity Canvas: PHPPM_INCLUDE

Name| phppminclude ---|--- CVE| CVE-2007-5641 Exploit Pack| CANVAS Description| PHP Project Management = 0.8.10 remote file include Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: php-pm CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5641 CVE Name: CVE-2007-5641...

CVE-2007-5641

CVE-2007-5641 affects PHP Project Management 0.8.10 and earlier. The vulnerability is a remote file inclusion (RFI) weakness allowing an attacker to supply a URL in the full_path parameter to multiple modules (e.g., certinfo, emails, events, files, projects, etc.) to execute arbitrary PHP code on...