---------------------------------------------------------------------- Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/ ---------------------------------------------------------------------- TITLE: URLshrink Free Unspecified Vulnerability SECUNIA ADVISORY ID: SA24731 VERIFY ADVISORY: http://secunia.com/advisories/24731/ CRITICAL: Highly critical IMPACT: Unknown, System access WHERE: >From remote SOFTWARE: URLshrink Free 1.x http://secunia.com/product/13633/ DESCRIPTION: A vulnerability has been reported in URLshrink Free, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. This can be exploited via unknown vectors to "tamper with your site". The vulnerability is reported in versions prior to 1.3.2. NOTE: the vulnerability may be related to a PHP script insertion vulnerability reported by Dj7xpl. SOLUTION: Update to version 1.3.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://developers.jccorp.net/modules/newbb/viewtopic.php?forum=8&post_id=77#forumpost77 http://milw0rm.com/exploits/3611 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------