Test ID:	1.3.6.1.4.1.25623.1.0.58318
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200706-07 (phprojekt)
Summary:	The remote host is missing updates announced in;advisory GLSA 200706-07.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200706-07. Vulnerability Insight: Multiple vulnerabilities have been discovered in PHProjekt, allowing for the execution of arbitrary PHP and SQL code, and cross-site scripting attacks. Solution: All PHProjekt users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/phprojekt-5.2.1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1575 BugTraq ID: 22955 http://www.securityfocus.com/bid/22955 Bugtraq: 20070314 n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection (Google Search) http://www.securityfocus.com/archive/1/462789/100/0/threaded http://security.gentoo.org/glsa/glsa-200706-07.xml http://www.nruns.com/security_advisory_phprojekt_sql_injection.php http://secunia.com/advisories/24509 http://secunia.com/advisories/25748 http://securityreason.com/securityalert/2466 Common Vulnerability Exposure (CVE) ID: CVE-2007-1576 BugTraq ID: 22957 http://www.securityfocus.com/bid/22957 Bugtraq: 20070314 n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion (Google Search) http://www.securityfocus.com/archive/1/462788/100/0/threaded http://www.nruns.de/security_advisory_phprojekt_xss_and_filter_evasion.php http://osvdb.org/34064 http://osvdb.org/34065 http://osvdb.org/34066 http://osvdb.org/34067 http://osvdb.org/34068 http://osvdb.org/34069 http://securityreason.com/securityalert/2459 Common Vulnerability Exposure (CVE) ID: CVE-2007-1638 Bugtraq: 20070314 n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery (Google Search) http://www.securityfocus.com/archive/1/462786/100/100/threaded http://www.nruns.de/security_advisory_phprojekt_csrf.php http://osvdb.org/35162 http://securityreason.com/securityalert/2477 XForce ISS Database: phprojekt-multiple-modules-csrf(32989) https://exchange.xforce.ibmcloud.com/vulnerabilities/32989 Common Vulnerability Exposure (CVE) ID: CVE-2007-1639 BugTraq ID: 22956 http://www.securityfocus.com/bid/22956 Bugtraq: 20070314 n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation (Google Search) http://www.securityfocus.com/archive/1/462785/100/100/threaded http://www.nruns.de/security_advisory_phprojekt_privilege_escalation.php http://osvdb.org/35163 http://securityreason.com/securityalert/2476 XForce ISS Database: phprojekt-calendarfile-file-upload(32995) https://exchange.xforce.ibmcloud.com/vulnerabilities/32995
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.