TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
772
malicious file from another remote system by http or https or ftp. While executing this malicious file in our system the
attacker can access what ever he wants as per the malicious code.
Signature ID: 34120
Article System classes.php Remote File Include Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-0314
Bugtraq: 22017
Signature Description: Article System is a content management system (CMS) for creating and management of an
online journal. It's written in HTML/PHP using MySQL or PostgreSQL. Article System 1.0 contains a flaw that may
allow a remote attacker to execute arbitrary commands. A remote attacker can send a specially-crafted URL request to
classes.php script are not properly sanitizing user input supplied to the INCLUDE_DIR variable.It could upload a
malicious file from another remote system by http or https or ftp. While executing this malicious file in our system the
attacker can access what ever he wants as per the malicious code.
Signature ID: 34121
Ezboxx Portal System Path disclosure vulnerability
Threat Level: Information
Industry ID: CVE-2007-0259 Bugtraq: 22029
Signature Description: The Ezboxx portal is powerful online community system built on the highly acclaimed
Megabbs forum software. Ezboxx enables webmasters to very easily create a dynamic and vibrant community website,
full of features and surprises for all visitors and members. The Ezboxx Portal System Beta v 0.7.6 and below versions
are vulnerable. Path information can be disclosed in error pages by passing invalid input to the parameter "cat" in
"knowledgebase.asp".
Signature ID: 34122
Ezboxx Portal System SQL Injection Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0266
Signature Description: The Ezboxx portal is powerful online community system built on the highly acclaimed
Megabbs forum software. Ezboxx enables webmasters to very easily create a dynamic and vibrant community website,
full of features and surprises for all visitors and members. The Ezboxx Portal system Beta v 0.7.6 and below versions
are vulnerable. Input passed to the "iid" parameter in "ShowAppendix.asp" isn't properly verified before being used in
SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The remote attacker
could manipulate our data.
Signature ID: 34123
Ezboxx Portal System SQL Injection Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0266
Signature Description: The Ezboxx portal is powerful online community system built on the highly acclaimed
Megabbs forum software. Ezboxx enables webmasters to very easily create a dynamic and vibrant community website,
full of features and surprises for all visitors and members. The Ezboxx Portal System Beta v 0.7.6 and below versions
are vulnerable. Input passed to the "iid" parameter in "ShowAppendix.asp" isn't properly verified before being used in
SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The remote attacker
could manipulate our data.