FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 18:22:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
50457509-d05e-11d9-9aed-000e0c2e438a	phpSysInfo -- cross site scripting vulnerability A Securityreason.com advisory reports that various cross site scripting vulnerabilities have been found in phpSysInfo. Input is not properly sanitised before it is returned to the user. A malicious person could exploit this to execute arbitrary HTML and script code in a users browser session. Also it is possible to view the full path of certain scripts by accessing them directly. Discovery 2005-03-22 Entry 2005-07-09 Modified 2005-12-25 phpSysInfo < 2.5.1 12887 CVE-2005-0869 CVE-2005-0870 http://marc.theaimsgroup.com/?l=bugtraq&m=111161017209422
88260dfe-3d21-11dc-b3d3-0016179b2dd5	phpsysinfo -- url Cross-Site Scripting Doz reports: A Input passed in the URL to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Discovery 2007-07-27 Entry 2007-07-28 Modified 2007-08-01 phpSysInfo < 2.5.3_1 http://secunia.com/advisories/26248/
9c1cea79-548a-11da-b53f-0004614cc33d	phpSysInfo -- "register_globals" emulation layer overwrite vulnerability A Secunia Advisory reports: Christopher Kunz has reported a vulnerability in phpSysInfo, which can be exploited by malicious people to manipulate certain information. The vulnerability is caused due to an error in the "register_globals" emulation layer where certain arrays used by the system can be overwritten. This can be exploited to execute arbitrary HTML and script code in a user's browser session and include arbitrary files from local resources. Discovery 2005-11-10 Entry 2005-11-13 Modified 2005-12-25 phpSysInfo < 2.5.1 http://www.hardened-php.net/advisory_222005.81.html http://secunia.com/advisories/17441/

VuXML ID

Description

50457509-d05e-11d9-9aed-000e0c2e438a

phpSysInfo -- cross site scripting vulnerability

A Securityreason.com advisory reports that various cross site scripting vulnerabilities have been found in phpSysInfo. Input is not properly sanitised before it is returned to the user. A malicious person could exploit this to execute arbitrary HTML and script code in a users browser session. Also it is possible to view the full path of certain scripts by accessing them directly.

Discovery 2005-03-22
Entry 2005-07-09
Modified 2005-12-25
phpSysInfo

< 2.5.1

12887
CVE-2005-0869
CVE-2005-0870
http://marc.theaimsgroup.com/?l=bugtraq&m=111161017209422

88260dfe-3d21-11dc-b3d3-0016179b2dd5

phpsysinfo -- url Cross-Site Scripting

Doz reports:

A Input passed in the URL to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Discovery 2007-07-27
Entry 2007-07-28
Modified 2007-08-01
phpSysInfo

< 2.5.3_1

http://secunia.com/advisories/26248/

9c1cea79-548a-11da-b53f-0004614cc33d

phpSysInfo -- "register_globals" emulation layer overwrite vulnerability

A Secunia Advisory reports:

Christopher Kunz has reported a vulnerability in phpSysInfo, which can be exploited by malicious people to manipulate certain information.

The vulnerability is caused due to an error in the "register_globals" emulation layer where certain arrays used by the system can be overwritten. This can be exploited to execute arbitrary HTML and script code in a user's browser session and include arbitrary files from local resources.

Discovery 2005-11-10
Entry 2005-11-13
Modified 2005-12-25
phpSysInfo

< 2.5.1

http://www.hardened-php.net/advisory_222005.81.html
http://secunia.com/advisories/17441/