TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
258
Signature ID: 1878
WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation
Vulnerability
Threat Level: Information
Industry ID: CVE-2004-0030 Bugtraq: 9368 Nessus: 11982
Signature Description: PHPGedView(PGV) is a free PHP-based web application for working with genealogy data on
the internet. PHPGedView has full editing capabilities, can import from GEDCOM files, and supports the multimedia.
PHPGedView(PHPGedView version 2.61) is prone to multiple file include vulnerabilities. BY sending a specially-
crafted URL request to the authentication_index.php script using the $PGV_BASE_DIRECTORY variable to specify a
malicious file from a remote system as a parameter, a remote attacker could use this vulnerability and execute arbitrary
code on the vulnerable server. Upgrade the latest version, which is available at vendor's website.
Signature ID: 1879
WEB-PHP PhpGedView PGV base directory manipulation Vulnerability
Threat Level: Information
Industry ID: CVE-2004-0030 Bugtraq: 9368 Nessus: 11982
Signature Description: PHPGedView(PGV) is a free PHP-based web application for working with genealogy data on
the internet. PHPGedView has full editing capabilities, can import from GEDCOM files, and supports the multimedia.
PHPGedView(PHPGedView version 2.61) is prone to multiple file include vulnerabilities. BY sending a specially-
crafted URL request to the _conf.php script using the $PGV_BASE_DIRECTORY variable to specify a malicious file
from a remote system as a parameter, a remote attacker could use this vulnerability and execute arbitrary code on the
vulnerable server. Upgrade the latest version, which is available at vendor's website.
Signature ID: 1880
WEB-PHP PhpGedView config_gedcom.php base directory manipulation Vulnerability
Threat Level: Information
Industry ID: CVE-2004-0030 Bugtraq: 9368 Nessus: 11982
Signature Description: PHPGedView(PGV) is a free PHP-based web application for working with genealogy data on
the internet. PHPGedView has full editing capabilities, can import from GEDCOM files, and supports the multimedia.
PHPGedView(PHPGedView version 2.61) is prone to multiple file include vulnerabilities. BY sending a specially-
crafted URL request to the config_gedcom.php script using the $PGV_BASE_DIRECTORY variable to specify a
malicious file from a remote system as a parameter, a remote attacker could use this vulnerability and execute arbitrary
code on the vulnerable server. Upgrade the latest version, which is available at vendor's website.
Signature ID: 1881
WEB-PHP PhpGedView functions.php base directory manipulation Vulnerability
Threat Level: Information
Industry ID: CVE-2004-0030
Bugtraq: 9368 Nessus: 11982
Signature Description: PHPGedView(PGV) is a free PHP-based web application for working with genealogy data on
the internet. PHPGedView has full editing capabilities, can import from GEDCOM files, and supports the multimedia.
PHPGedView(PHPGedView version 2.61) is prone to multiple file include vulnerabilities. BY sending a specially-
crafted URL request to the functions.php script using the $PGV_BASE_DIRECTORY variable to specify a malicious
file from a remote system as a parameter, a remote attacker could use this vulnerability and execute arbitrary code on
the vulnerable server. Upgrade the latest version, which is available at vendor's website.