Archive

Archive for June, 2008

miniBB “whatus” Cross-Site Scripting

June 23rd, 2008
Comments Off

Application: miniBB
Affected Version: version 2.2a and other versions.
Vendor’s URL: miniBB
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Cross Site Scripting, Discussion Boards

Drupal TrailScout Module XSS and SQL Injection

June 23rd, 2008
Comments Off

Application: Drupal
Affected Version: versions for Drupal 5.x prior to 5.x-1.4
Vendor’s URL: TrailScout Module
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical

Solution:
Update to version 5.x-1.4.

Content Management, Cross Site Scripting, SQL Injection

MyBizz-Classifieds SQL Injection

June 23rd, 2008
Comments Off

Application: MyBizz-Classifieds
Affected Version:
Vendor’s URL: MyBizz-Classifieds
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Filter malicious characters and character sequences in a web proxy.

SQL Injection

Easy Webstore SQL Injection

June 23rd, 2008
Comments Off

Application: Easy Webstore
Affected Version: version 1.2 and other versions.
Vendor’s URL: http://www.webstorexpert.com/
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

E-Commerce, SQL Injection

BASIC-CMS SQL Injection

June 23rd, 2008
Comments Off

Application: BASIC-CMS
Affected Version:
Vendor’s URL: BASIC-CMS
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

eroCMS SQL Injection

June 23rd, 2008
Comments Off

Application: eroCMS
Affected Version: 1.4 and other versions.
Vendor’s URL: eroCMS
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

vBulletin XSS

June 23rd, 2008
Comments Off

Application: vBulletin
Affected Version: version 3.7.1 and 3.6.10 and other version.
Vendor’s URL: vBulletin
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 3.7.1 PL1 or 3.6.10 PL1.

Cross Site Scripting, Discussion Boards

Mambo File Inclusion

June 23rd, 2008
Comments Off

Application: Mambo
Affected Version: version 4.6.4 and other versions.
Vendor’s URL: http://www.mambo-foundation.org/
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, File Inclusion

PHPMyCart SQL Injection

June 23rd, 2008
Comments Off

Application: PHPMyCart
Affected Version:
Vendor’s URL: PHPMyCart
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

E-Commerce, SQL Injection

FOG Forum Local File Inclusion

June 23rd, 2008
Comments Off

Application: FOG Forum
Affected Version: version 0.8.1 and other versions.
Vendor’s URL: FOG Forum
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Discussion Boards, File Inclusion

Drupal Aggregation Module Security Bypass and XSS

June 23rd, 2008
Comments Off

Application: Drupal
Affected Version: prior to 5.x-4.4
Vendor’s URL: Aggregation Module
Bug Type: Security Bypass and Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 5.x-4.4.

Access Bypass, Content Management, Cross Site Scripting

Drupal Taxonomy Image Module XSS

June 23rd, 2008
Comments Off

Application: Drupal
Affected Version: prior to 5.x-1.3 and 6.x-1.3.
Vendor’s URL: Taxonomy Image Module
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 5.x-1.3 or 6.x-1.3.
http://drupal.org/project/taxonomy_image

Content Management, Cross Site Scripting

Drupal Magic Tabs Module Arbitrary PHP Code Execution

June 23rd, 2008
Comments Off

Application: Drupal
Affected Version: prior to 5.x-1.1
Vendor’s URL: Magic Tabs Module
Bug Type: Code Execution
Risk Level: Critical

Solution:
Update to 5.x-1.1.
http://drupal.org/project/magic_tabs

Content Management, Remote Command Execution

DotNetNuke XSS

June 23rd, 2008
Comments Off

Application: DotNetNuke
Affected Version: prior to 4.8.4
Vendor’s URL: DotNetNuke
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 4.8.4.

Content Management, Cross Site Scripting

Gallery XSS and Security Bypass

June 23rd, 2008
Comments Off

Application: Gallery
Affected Version: all 2.x versions before 2.2.5
Vendor’s URL: http://gallery.menalto.com/
Bug Type: Cross Site Scripting and Security Bypass
Risk Level: Medium

Solution:
Update to version 2.2.5. Remove password protection from any non-album items.

Access Bypass, Cross Site Scripting, Image Galleries

Joomla JoomlaDate Component SQL Injection

June 23rd, 2008
Comments Off

Application: Joomla
Affected Version: version 1.0.05 and other versions.
Vendor’s URL: JoomlaDate Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Contact the vendor for patch.

Content Management, SQL Injection

Joomla GameQ Component SQL Injection

June 23rd, 2008
Comments Off

Application: Joomla
Affected Version: version 4.0.0 and other versions.
Vendor’s URL: GameQ Component
Bug Type: SQL Injection
Risk Level:

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection

PHP Image Gallery XSS

June 23rd, 2008
Comments Off

Application: PHP Image Gallery
Affected Version:
Vendor’s URL: PHP Image Gallery
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Cross Site Scripting, Image Galleries

1Book PHP Code Execution

June 23rd, 2008
Comments Off

Application: 1Book
Affected Version: version 1.0.1 and other versions.
Vendor’s URL: http://1scripts.net/php-scripts/index.php?p=16
Bug Type: Code Execution
Risk Level: Critical

Solution:
Update to version 1.0.2.

Remote Command Execution

Joomla EasyBook Component SQL Injection

June 23rd, 2008
Comments Off

Application: Joomla
Affected Version: version 1.1 and other versions.
Vendor’s URL: EasyBook Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Content Management, SQL Injection