2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities

This host is running 2532-Gigs and is prone to Directory Traversal and SQL Injection Vulnerabilities.
Successful exploitation will allow attacker to cause directory traversal or SQL injection attacks, and can execute arbitrary code when register_globals is enabled and magic_quotes_gpc is disabled. Impact level: System/Application
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
- Vulnerability exists in activateuser.php, manage_venues.php, mini_calendar.php, deleteuser.php, settings.php, and manage_gigs.php files when input passed to the 'language' parameter is not properly verified before being used to include files via a .. (dot dot). - Input passed to the 'username' and 'password' parameters in checkuser.php is not properly sanitised before being used in SQL queries. - Error in upload_flyer.php which can be exploited by uploading a file with an executable extension, then accessing it via a direct request to the file in flyers/.
2532-Gigs version 1.2.2 and prior.

Updated on 2017-03-28