phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Severity: : Medium
CVE Kennungen: : CVE-2008-6132
Advisory Date: 21 de июля de 2015
DESCRIPTION
phpScheduleIt is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005916
Trend Micro Deep Security DPI Rule Name: 1005916 - phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
AFFECTED SOFTWARE AND VERSION:
- brickhost phpscheduleit 1.0
- brickhost phpscheduleit 1.0.0rc1
- brickhost phpscheduleit 1.0_rc1
- brickhost phpscheduleit 1.2.0
- brickhost phpscheduleit 1.2.1
- brickhost phpscheduleit 1.2.10
- brickhost phpscheduleit 1.2.2
- brickhost phpscheduleit 1.2.3
- brickhost phpscheduleit 1.2.4
- brickhost phpscheduleit 1.2.5
- brickhost phpscheduleit 1.2.6
- brickhost phpscheduleit 1.2.7
- brickhost phpscheduleit 1.2.8
- brickhost phpscheduleit 1.2.9