News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SecWatch.org:
CJ Tag Board Multiple Parameter Handling PHP Code Injection Vulnerabilities
August 30, 2006 @ 08:18:29

According to this posting on the SecWatch board today, there are some issues with the CJ Tag Board software that allow for code injection issues.

Multiple input validation vulnerabilities in CJ Tag Board have been reported, which can be exploited by remote users to compromise a vulnerable system.

The issue comes from improperly filtered user input for the "User-Agent" HTTP header and the "banned" parameter for the admin side. This issue effects CJ Tag Board version 3.0. No update or patch has been posted as of yet to correct this issue.

0 comments voice your opinion now!
vulnerabilities injection parameter handing filter input vulnerabilities injection parameter handing filter input


blog comments powered by Disqus

Similar Posts

Philip Olson's Blog: 20 possible reasons why PHP function names and parameters are weird

Fabien Potencier's Blog: Do you need a Dependency Injection Container?

GoodPHPTutorials.com: SQL Injections in PHP with MySQL

Hasin Hayder's Blog: An interesting bug in ReflectionParameter object in PHP 5.2.1

International PHP Magazine: IPM Poll Question: The Most Common PHP Security Mistake Is?


Community Events

Don't see your event here?
Let us know!


example php7 opinion podcast configure release conference api laravel community voicesoftheelephpant series library application interview introduction framework part2 symfony2 performance

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework