FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  368455
Date:      2014-09-18
Time:      13:20:57Z
Committer: madpilot

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
86526ba4-53c8-11db-8f1a-000a48049292phpbb -- NULL byte injection vulnerability

Secunia reports:

ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system.

Input passed to the "avatar_path" parameter in admin/admin_board.php is not properly sanitised before being used as a configuration variable to store avatar images. This can be exploited to upload and execute arbitrary PHP code by changing "avatar_path" to a file with a trailing NULL byte.

Successful exploitation requires privileges to the administration section.


Discovery 2006-09-12
Entry 2006-10-04
Modified 2006-12-24
phpbb
zh-phpbb-tw
lt 2.0.22

20347
CVE-2006-4758
http://secunia.com/advisories/22188/
http://xforce.iss.net/xforce/xfdb/28884
http://www.security.nnov.ru/Odocument221.html
86526ba4-53c8-11db-8f1a-000a48049292phpbb -- NULL byte injection vulnerability

Secunia reports:

ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system.

Input passed to the "avatar_path" parameter in admin/admin_board.php is not properly sanitised before being used as a configuration variable to store avatar images. This can be exploited to upload and execute arbitrary PHP code by changing "avatar_path" to a file with a trailing NULL byte.

Successful exploitation requires privileges to the administration section.


Discovery 2006-09-12
Entry 2006-10-04
Modified 2006-12-24
phpbb
zh-phpbb-tw
lt 2.0.22

20347
CVE-2006-4758
http://secunia.com/advisories/22188/
http://xforce.iss.net/xforce/xfdb/28884
http://www.security.nnov.ru/Odocument221.html