WordPress “PHP_SELF” XSS
Application: WordPress CMS
Version: 2.1.2 or below
Vendor’s URL: http://wordpress.org/
Bug Type: Cross Site Scripting
Risk: Low
Solution:
- Update to version 2.0.10-RC2 or 2.1.3-RC2
Application: PhpX
Version: 3.5.15 or below
Vendor’s URL: http://www.phpx.org
Bug Type: Cross Site Scripting and Sql Injections
Risk: High
Solution:
- Edit the source code to ensure that input is properly sanitized
- Wait for the official patches, which will be made available here
Exabytes EBiz Linux hosting plan comes with Fantastico package that includes many Content Management System (CMS) such as drupal, wordpress, phpnuke, postnuke and others.
It’s understandable that users would want to try out those CMSes and would install them once they have the chance. Installing is fine, but users are advised to uninstall those CMSes after testing them. Yes, we use the word “testing” here because the Content Management Systems found in Fantastico are merely for testing purposes and are not updated immediately when vulnerabilities are found. If you have forgotten to clean them up (in other words, uninstall them) or are unaware of this matter, it may jeopardize your web site and lead to harmful threats. To add to that, with many unused CMSes (or, as you can term them, “vulnerable applications”) installed on your site, it may hamper the effectiveness of our Security Engineers in finding the root of the threats.
Therefore, we would like to notify all our loyal clients that you can download the latest, secure version of your favourite CMS from its official website (to name a few, wordpress.org and drupal.org). But do ensure that you have uninstalled those CMSes that you previously tested from the Fantastico package. And, yeah, as simple as that, you will ensure that your site is a safer one now. Moreover, the latest versions with their patches and updates are free! All you need is to be proactive, and that’s the best way to secure your site!
Cheers!
Application: vBulletin
Version: 3.6.5 or earlier
Vendor’s URL: http://www.vbulletin.com/
Bug Type: SQL Injection
Risk: Low
Solution:
- Edit the source code to ensure that input is properly sanitized.
- Wait for an official patch/update from the vendor
- http://www.vbulletin.org/forum/portal.php
Application: PHProjekt
Version: 5.2 and earlier
Vendor’s URL: http://www.phprojekt.com/
Bug Type: Cross Site Attacks, Sql Injection
Risk: High
Solution:
- Update to the latest version - 5.2.1
Application: WordPress CMS
Version: 2.1.2 or earlier
Vendor’s URL: http://wordpress.org/
Bug Type: Cross Site Scripting
Risk: High
Solution:
- Edit the source code in general-template.php to ensure the input is sanitized
- http://trac.wordpress.org/changeset/5003
Application: PHP-Nuke
Version: 8.0, 7.9 or below
Vendor’s URL: http://phpnuke.org/
Bug Type: Access Bypassing
Risk: High
Solution:
- Edit the source code to ensure that input is properly verified
- Set “magic_quotes_gpc” to On
- Wait for an official patch from the vendor
Application: PHPEcho CMS
Version: 1.5
Vendor’s URL: http://sourceforge.net/projects/phpechocms/
Bug Type: SQL Injection
Risk: Medium
Solution:
- Update to version 1.6, which can be downloaded via the Vendor’s URL
Application: Drupal Project issue tracking module
Version: 4.7.x-1.3 or below and 4.7.x-2.3 or below
Vendor’s URL: http://drupal.org/
Bug Type: Access Bypassing
Risk: Medium
Solution:
- Update to the latest version, which you can find here:
- http://drupal.org/project/project_issue
Application: Drupal Nodefamily Module
Version: 5.x-1.0 but not 4.7 branch
Vendor’s URL: http://drupal.org/
Bug Type: Access Bypassing
Risk: Medium
Description: This vulnerability only affects Drupal installations with the Nodefamily module.
Solution:
- Update the Nodefamily module to the latest version, which you can find here:
- http://drupal.org/node/123126
Application: WordPress CMS
Version: 2.1.2 or below
Vendor’s URL: http://wordpress.org/
Bug Type: Cross Site Scripting
Risk: Low
Solution:
- Edit the source code (admin.php) to ensure that input is properly sanitised.
- Please keep a close eye on the vendor’s site for a further update that fixes the bug mentioned.
Application: Snitz Forum 2000
Version: 3.4.06 or below
Vendor’s URL: http://forum.snitz.com/
Bug Type: Cross Site Scripting (XSS)
Risk: High
Solution:
- Edit the source code (pop_profile.asp) to ensure that input is properly sanitised
- Grant only trusted users access to the application
- Currently waiting for a bug fix from the respective vendor
- http://forum.snitz.com/forum/forum.asp?FORUM_ID=118