Archive

Archive for May, 2007

Mambo Unspecified Bypass Vulnerabilities

May 4th, 2007

Application: Mambo
Affected Version: 4.6.1 or earlier
Vendor’s URL: http://www.mamboserver.com/
Bug Type: Access Bypass
Risk Level: Medium

Solution:
- Update to version 4.6.2
- http://mamboxchange.com/frs/?group_id=5

Access Bypass

AIOCP XSS Vulnerability

May 4th, 2007

Application: All In One Control Panel
Version: 1.3.015 or earlier
Vendor’s URL: http://www.aiocp.com/
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
- Update to version 1.3.016
- http://sourceforge.net/project/showfiles.php?group_id=159137

Cross Site Scripting

WordPress Wordtube Plugin File Inclusion

May 4th, 2007

Application: WordPress Wordtube Plugin
Version: 1.43 or earlier
Vendor’s URL: http://alexrabe.boelinger.com/?page_id=20
Bug Type: Access Bypass & File Inclusion
Risk Level: High

Solution:
- Update to the latest version which is 1.44
- http://wordpress.org/extend/plugins/wordtube/

Access Bypass, File Inclusion

WordPress Wp-table Plugin File Inclusion

May 4th, 2007

Application: WordPress Wp-table Plugin
Version: 1.43 or earlier
Vendor’s URL: http://alexrabe.boelinger.com/
Bug Type: Access Bypass & File Inclusion
Risk Level: High

Solution:
- If you are using this plugin, either disable it or update it to version 1.44
- http://wordpress.org/extend/plugins/wp-table/

Access Bypass, File Inclusion