IG) Multiple Remote Vulnerabilities

azzcoder Fri, 25 Jul 2008 11:53:15 -0700

##############################################################


XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)

Author: AzzCoder [EMAIL PROTECTED]

Product: http://www.xrms.org/

Product Type: CRM

Thanks: coresecurity.com


Remote File Inclusion

        File: activities/workflow-activities.php

        Variable: $include_directory

        Required register_globals: Yes


XSS

        Multiple Files

        Variable: $msg

        Quote limitations: Yes


Information Gathering

        tests/info.php

        phpinfo() call


##############################################################


# milw0rm.com [2008-07-25]

XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities

Reply via email to