Archive for August, 2008

vbDrupal Multiple Vulnerabilities

August 25th, 2008

Application: vbDrupal
Affected Version: all 5.x versions prior to 5.10.0.
Vendor’s URL: vbDrupal
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 5.10.0 or later.

Cross Site Scripting, Discussion Boards

Mambo Two XSS Vulnerabilities

August 25th, 2008

Application: Mambo
Affected Version: version 4.6.5; also reported in version 4.6.2 and other versions.
Vendor’s URL: Mambo
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, Cross Site Scripting

Vanilla Multiple Vulnerabilities

August 25th, 2008

Application: Vanilla
Affected Version: version 1.1.4 and other versions.
Vendor’s URL: Vanilla
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
All vulnerabilities except for the “Value” form field in #2 are fixed in version 1.1.5-rc1.
Edit the source code to ensure that input is properly sanitised. Do not browse untrusted web sites while logged on to the application.

Cross Site Scripting, Discussion Boards

PHP Live Helper Multiple Vulnerabilities

August 25th, 2008

Application: PHP Live Helper
Affected Version: version 2.0.1 and other versions.
Vendor’s URL: PHP Live Helper
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 2.1.0.

Customer Relationship, SQL Injection

vBulletin Private Message Subject Script Insertion

August 25th, 2008

Application: vBulletin
Affected Version: 3.7.2 PL1 and 3.6.10 PL3 and prior versions.
Vendor’s URL: vBulletin
Bug Type: Script Insertion
Risk Level: Medium

Solution:
Update to version 3.7.2 PL2 or 3.6.10 PL4.

Discussion Boards

TinyCMS “config[template]” Local File Inclusion

August 25th, 2008

Application: TinyCMS
Affected Version: version 1.1.2 and other versions.
Vendor’s URL: TinyCMS
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, File Inclusion

Kayako SupportSuite Multiple Vulnerabilities

August 25th, 2008

Application: Kayako
Affected Version: version 3.20.02 and prior versions.
Vendor’s URL: SupportSuite
Bug Type: SQL Injection and Cross Site Scripting
Risk Level: Critical

Solution:
Fixed in version 3.30.00 RC3.

Filter malicious characters and character sequences in a web proxy.

Cross Site Scripting, Customer Relationship, SQL Injection

Drupal XSRF and Security Bypass

August 25th, 2008

Application: Drupal
Affected Version: all 6.x versions prior to 6.4
Vendor’s URL: Drupal
Bug Type: Cross Site Scripting and Security Bypass
Risk Level: Medium

Solution:
Update to version 6.4.

Access Bypass, Content Management, Cross Site Scripting

Drupal Multiple Vulnerabilities

August 25th, 2008

Application: Drupal
Affected Version: all 5.x versions prior to 5.10 and all 6.x versions prior to 6.4
Vendor’s URL: Drupal
Bug Type: Cross Site Scripting, Script Insertion
Risk Level: Critical

Solution:
Update to version 5.10 or 6.4.

Content Management, Cross Site Scripting

IceBB “username” SQLi

August 25th, 2008

Application: IceBB
Affected Version: version 1.0-rc9.2 and prior versions.
Vendor’s URL: IceBB
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.0-rc9.3.

Discussion Boards, SQL Injection

PunBB SMTP Command Injection and XSS

August 25th, 2008

Application: PunBB
Affected Version: prior to 1.2.19
Vendor’s URL: PunBB
Bug Type: Command Injection and Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 1.2.19.
http://punbb.informer.com/downloads.php

Cross Site Scripting, Discussion Boards, Remote Command Execution

SiteAdmin “art” SQLi

August 25th, 2008

Application: SiteAdmin
Affected Version:
Vendor’s URL: SiteAdmin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

MyBB “search.php” XSS

August 25th, 2008

Application: MyBB
Affected Version: All 1.2.x versions prior to 1.2.14
Vendor’s URL: MyBB
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.2.14.

Cross Site Scripting, Discussion Boards

Coppermine Photo Gallery “lang” Local File Inclusion

August 25th, 2008

Application: Coppermine
Affected Version: version 1.4.18 and other versions.
Vendor’s URL: Photo Gallery
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Update to version 1.4.19.

File Inclusion, Image Galleries

E-Store Kit “pid” SQLi

August 25th, 2008

Application: E-Store Kit
Affected Version: E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition
Vendor’s URL: E-Store Kit
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Filter malicious characters and character sequences in a web proxy.

E-Commerce, SQL Injection

Gallery Multiple Vulnerabilities

August 25th, 2008

Application: Gallery
Affected Version: prior to 1.5.8
Vendor’s URL: Gallery
Bug Type: Security Bypass, Cross Site Scripting
Risk Level:

Solution:
Update to version 1.5.8.

Access Bypass, Cross Site Scripting, Image Galleries

Xoops Kshop Module “search” XSS

August 25th, 2008

Application: Xoops
Affected Version: version 2.22 and other versions.
Vendor’s URL: Kshop Module
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, Cross Site Scripting

Zoph Multiple SQLi

August 25th, 2008

Application: Zoph
Affected Version: prior to 0.7.0.5.
Vendor’s URL: Zoph
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 0.7.0.5.

Image Galleries, SQL Injection

Geeklog Forum Plugin Search XSS

August 25th, 2008

Application: Geeklog
Affected Version:
Vendor’s URL: Geeklog Forum Plugin
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 2.7.1.

Content Management, Cross Site Scripting

Drupal Session Fixation Vulnerability

August 25th, 2008

Application: Drupal
Affected Version: all 5.x versions prior to 5.9 and all 6.x versions prior to 6.3
Vendor’s URL: Drupal
Bug Type: Hijack
Risk Level: Medium

Solution:
Update to version 5.9 or 6.3, or apply the patch for 5.8:
http://drupal.org/files/sa-2008-046/SA-2008-046-5.8.patch

Content Management