News Feed
Jobs Feed
Sections




News Archive
SecWatch.org:
CJ Tag Board Multiple Parameter Handling PHP Code Injection Vulnerabilities
by Chris Cornutt August 30, 2006 @ 08:18:29

According to this posting on the SecWatch board today, there are some issues with the CJ Tag Board software that allow for code injection issues.

Multiple input validation vulnerabilities in CJ Tag Board have been reported, which can be exploited by remote users to compromise a vulnerable system.

The issue comes from improperly filtered user input for the "User-Agent" HTTP header and the "banned" parameter for the admin side. This issue effects CJ Tag Board version 3.0. No update or patch has been posted as of yet to correct this issue.

0 comments voice your opinion now!
vulnerabilities injection parameter handing filter input vulnerabilities injection parameter handing filter input


blog comments powered by Disqus

Similar Posts

John Cox\'s Blog: vTiger multiple vulnerabilities

Zend Developer Zone: PHP Built in Input filtering

Jani Hartikainen's Blog: What would make template engines actually useful?

Infosec Institute: SQL Injection through HTTP Headers

DZone.com: File Path Injection in PHP <= 5.3.6 File Update (CVE 2011-2202)


 Community Events











Don't see your event here?
Let us know!

functional interview language opinion code testing tool unittest series example zendframework2 framework introduction community phpunit release object podcast application development

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework