漏洞信息详情
CPG include/function.inc.php SQL注入漏洞
漏洞简介
Coppermine Photo Gallery (CPG) 1.4.8中的include/function.inc.php存在SQL注入漏洞。\"Keep detailed hit statistics\"启用时,远程攻击者可以借助(1)访问来源和(2)用户代理HTTP标头,执行任意SQL命令。
漏洞公告
目前厂商已经发布了相关补丁,请到厂商的主页下载:
Adobe Reader 3.0
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 4.0 5c
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 4.0
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 4.0 5
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 4.0.5 A
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 5.0
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 5.0.10
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 5.0.5
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 5.1
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 6.0
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 6.0.1
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 6.0.2
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 6.0.3
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 6.0.4
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 7.0
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe Adobe Reader 7.0.8 for Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =Windows
Adobe Reader 7.0.1
Adobe Adobe Reader 7.0.8 for Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform =MacIntosh
Adobe
参考网址
来源: BUGTRAQ
名称: 20060611 [KAPDA::48]CopperminePhotoGallery1.4.8~ addhit() function~ SQLinjection attack
链接:http://www.securityfocus.com/archive/1/archive/1/436799/30/4470/threaded
来源: VUPEN
名称: ADV-2006-2317
链接:http://www.frsirt.com/english/advisories/2006/2317
来源: SECUNIA
名称: 20597
链接:http://secunia.com/advisories/20597
来源: MISC
链接:http://myimei.com/security/2006-06-11/copperminephotogallery148-addhit-function-sqlinjection-attack.html
受影响实体
- Coppermine Coppermine_photo_gallery:1.4.8<!--2000-1-1-->
补丁
暂无
还没有评论,来说两句吧...