phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Gravedad: Medio
Identificadores de CVE : CVE-2008-6132
Fecha recomendada: 21 de julio de 2015
Descripción
phpScheduleIt is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1005916
Trend Micro Deep Security DPI Rule Name: 1005916 - phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Software y versión afectados
- brickhost phpscheduleit 1.0
- brickhost phpscheduleit 1.0.0rc1
- brickhost phpscheduleit 1.0_rc1
- brickhost phpscheduleit 1.2.0
- brickhost phpscheduleit 1.2.1
- brickhost phpscheduleit 1.2.10
- brickhost phpscheduleit 1.2.2
- brickhost phpscheduleit 1.2.3
- brickhost phpscheduleit 1.2.4
- brickhost phpscheduleit 1.2.5
- brickhost phpscheduleit 1.2.6
- brickhost phpscheduleit 1.2.7
- brickhost phpscheduleit 1.2.8
- brickhost phpscheduleit 1.2.9