PT-2005-1804 · Photopost · Photopost Php

Igor Franchuk

Publicado

2005-03-20

Atualizado

2017-07-11

CVE-2005-0775

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PhotoPost PHP version 5.0 RC3

Description The issue concerns the reportpost action in misc.php, which fails to limit the logging data sent to the administrator. This allows remote attackers to send large amounts of email to the administrator.

Recommendations For PhotoPost PHP version 5.0 RC3, consider restricting access to the reportpost action in misc.php to prevent abuse, or limit the amount of logging data that can be sent to the administrator to mitigate the risk of receiving large amounts of email.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0775

Produtos afetados

Photopost Php

PT-2005-1804 · Photopost · Photopost Php

CVE-2005-0775

Identificadores relacionados

Produtos afetados

Referências · 6