CVE-2005-4317 - Unspecified vulnerability in Limbo CMS
Metric | Value |
---|---|
Attack vector | NETWORK |
Attack complexity | MEDIUM |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not protect the $_SERVER variable from external modification, which allows remote attackers to use the _SERVER[REMOTE_ADDR] parameter to (1) conduct cross-site scripting (XSS) attacks in the stats module or (2) execute arbitrary code via an eval injection attack in the wrapper option in index2.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Exploit-Db
Field | Value |
---|---|
description | Limbo CMS 1.0.4.2 index.php _SERVER[REMOTE_ADDR] Parameter XSS. CVE-2005-4317. Webapps exploit for php platform |
id | EDB-ID:26836 |
last seen | 2016-02-03 |
modified | 2005-12-14 |
published | 2005-12-14 |
reporter | rgod |
source | https://www.exploit-db.com/download/26836/ |
title | Limbo CMS 1.0.4.2 - index.php _SERVER[REMOTE_ADDR] Parameter XSS |
Nessus
Field | Value |
---|---|
NASL family | CGI abuses |
NASL id | LIMBO_MULTIPLE_FLAWS.NASL |
description | The remote host is running Limbo CMS, a content-management system written in PHP. The remote version of this software is vulnerable to several flaws including : - If register_globals is off and Limbo is configured to use a MySQL backend, then a SQL injection is possible due to improper sanitization of the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 20824 |
published | 2006-01-30 |
reporter | This script is Copyright (C) 2006-2018 Josh Zlatin-Amishav |
source | https://www.tenable.com/plugins/nessus/20824 |
title | Limbo CMS Multiple Vulnerabilities |
References
- http://rgod.altervista.org/limbo1042_xpl.html
- http://secunia.com/advisories/18063/
- http://securityreason.com/securityalert/255
- http://securitytracker.com/id?1015364
- http://www.osvdb.org/21754
- http://www.osvdb.org/21756
- http://www.securityfocus.com/archive/1/419470/100/0/threaded
- http://www.securityfocus.com/bid/15871/
- http://www.vupen.com/english/advisories/2005/2932