xrms 1.99.2 (RFI-XSS-IG) Multiple Remote Vulnerabilities

2008-07-25 00:00:00

##############################################################

XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)
Author: AzzCoder [[email protected]]
Product: http://www.xrms.org/
Product Type: CRM
Thanks: coresecurity.com

Remote File Inclusion
File: activities/workflow-activities.php
Variable: $include_directory
Required register_globals: Yes

XSS
Multiple Files
Variable: $msg
Quote limitations: Yes

Information Gathering
tests/info.php
phpinfo() call

##############################################################

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.