WatchMouse keeps watch for the latest security news and vulnerability reports. Check here on a regular basis for updates or sign up using the form on the right to receive our security news updates via email.
View a full list of the most recent vulnerabilities here.
View a full list of the most recent vulnerabilities here.
Phpkobo Multiple Products 'LANG_CODE' Parameter Local File Include Vulnerability
|
16 Mar 2010 |
| Multiple Phpkobo products are prone to a local file-include vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit the issue to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. The following products are affected: Phpkobo AdFreely Phpkobo Address Book Script Phpkobo Short URL Phpkobo Real Estate Contact Form Script |
|
| Securityfocus.com | |
