phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Gravità: : Medio
Identificatori CVE: CVE-2008-6132
Data notifica: 21 luglio 2015
Descrizione
phpScheduleIt is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1005916
Trend Micro Deep Security DPI Rule Name: 1005916 - phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Software e versione interessati:
- brickhost phpscheduleit 1.0
- brickhost phpscheduleit 1.0.0rc1
- brickhost phpscheduleit 1.0_rc1
- brickhost phpscheduleit 1.2.0
- brickhost phpscheduleit 1.2.1
- brickhost phpscheduleit 1.2.10
- brickhost phpscheduleit 1.2.2
- brickhost phpscheduleit 1.2.3
- brickhost phpscheduleit 1.2.4
- brickhost phpscheduleit 1.2.5
- brickhost phpscheduleit 1.2.6
- brickhost phpscheduleit 1.2.7
- brickhost phpscheduleit 1.2.8
- brickhost phpscheduleit 1.2.9