PhpCommunity2 Multiple Remote Input Validation Vulnerabilities Network Vulnerability

Summary

phpCommunity2 is prone to multiple input-validation vulnerabilities, including multiple directory-traversal issues and SQL-injection issues, and a cross-site scripting issue. Exploiting these issues could allow an attacker to view arbitrary local files within the context of the webserver, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

References

http://www.securityfocus.com/bid/34056/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4884, CVE-2009-4885, CVE-2009-4886

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
Apache Rave User Information Disclosure Vulnerability
Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
Apache Tomcat DOS Device Name XSS
Apache Struts Directory Traversal Vulnerability

phpCommunity2 Multiple Remote Input Validation Vulnerabilities

Take action and discover your vulnerabilities