paFileDB 3.1

From: Martin Eiszner (martinat_private)
Date: Wed Jul 23 2003 - 23:52:33 PDT

Next message: Michal Zalewski: "Certain operating systems can be sometimes locally DoSed when running on particular types of hardware with certain versions of BIOS in specific multiboot configurations (and you thought XSS is too much?)"

Previous message: Mandrake Linux Security Team: "MDKSA-2003:071-1 - Updated xpdf packages fix arbitrary code execution vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hola,

paFileDB 3.1 (http://www.phparena.net) allows arbitrary file-upload and os-command execution.

(security report attached)


nice day,
mEi


-- 
WebSec.org / Martin Eiszner
Gurkgasse 49/Top14
1140 Vienna
Austria / EUROPE

meiat_private
http://www.websec.org
tel: 0043 699 121772 37

application/octet-stream attachment: pafiledb.txt

Next message: Michal Zalewski: "Certain operating systems can be sometimes locally DoSed when running on particular types of hardware with certain versions of BIOS in specific multiboot configurations (and you thought XSS is too much?)"
Previous message: Mandrake Linux Security Team: "MDKSA-2003:071-1 - Updated xpdf packages fix arbitrary code execution vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 24 2003 - 12:44:31 PDT