diff options
author | flo <flo@FreeBSD.org> | 2011-10-26 15:57:19 +0800 |
---|---|---|
committer | flo <flo@FreeBSD.org> | 2011-10-26 15:57:19 +0800 |
commit | b6e5e3d889a7a5e3b4d4fdb00988bbcaa71c65e2 (patch) | |
tree | 8d2eeb3b558f1b69f2b2dbd56dd89ddae20f4265 | |
parent | 9e25c52b7f0d2956451b6af342307208d633bd57 (diff) | |
download | freebsd-ports-gnome-b6e5e3d889a7a5e3b4d4fdb00988bbcaa71c65e2.tar.gz freebsd-ports-gnome-b6e5e3d889a7a5e3b4d4fdb00988bbcaa71c65e2.tar.zst freebsd-ports-gnome-b6e5e3d889a7a5e3b4d4fdb00988bbcaa71c65e2.zip |
document phpmyfaq remote PHP code injection vulnerability
-rw-r--r-- | security/vuxml/vuln.xml | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 4a7433162f7e..32e3c5a8fc56 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,35 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="395e0faa-ffa7-11e0-8ac4-6c626dd55a41"> + <topic>phpmyfaq -- Remote PHP Code Injection Vulnerability</topic> + <affects> + <package> + <name>phpmyfaq</name> + <range><lt>2.6.19</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The phpMyFAQ project reports:</p> + <blockquote cite="http://www.phpmyfaq.de/advisory_2011-10-25.php"> + <p>The phpMyFAQ Team has learned of a serious security issue that has + been discovered in our bundled ImageManager library we use in + phpMyFAQ 2.6 and 2.7. The bundled ImageManager library allows + injection of arbitrary PHP code via POST requests.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.phpmyfaq.de/advisory_2011-10-25.php</url> + <url>http://forum.phpmyfaq.de/viewtopic.php?f=3&t=13402</url> + </references> + <dates> + <discovery>2011-10-25</discovery> + <entry>2011-10-26</entry> + </dates> + </vuln> + <vuln vid="edf47177-fe3f-11e0-a207-0014a5e3cda6"> <topic>phpLDAPadmin -- Remote PHP code injection vulnerability</topic> <affects> |