Archive for December, 2008

Joomla Hotel Booking System Component Multiple SQLi

December 24th, 2008

Application: Joomla
Affected Version:
Vendor’s URL: Hotel Booking System Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Drupal Views Module Unspecified SQLi

December 24th, 2008

Application: Drupal
Affected Version: versions prior to 2.2
Vendor’s URL: Views Module
Bug Type: SQL Injection
Risk Level: Medium

Solution:
Update to version 2.2

Content Management, SQL Injection

Joomla Live Chat Component “last” SQLi

December 24th, 2008

Application: Joomla
Affected Version: version 1.0 (Free Edition); other versions may also be affected.
Vendor’s URL: Live Chat Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

MediaWiki Multiple Vulnerabilities

December 24th, 2008

Application: MediaWiki
Affected Version: versions 1.13.0 through 1.13.2, and all versions since 1.3.0.
Vendor’s URL: MediaWiki
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Update to MediaWiki 1.13.3, 1.12.3 or 1.6.11 (depending on the branch in use), or apply the patches.

Content Management, Cross Site Scripting

phpBB Account Re-activation Security Bypass

December 24th, 2008

Application: phpBB
Affected Version: versions prior to 3.0.4.
Vendor’s URL: phpBB
Bug Type: Security Bypass
Risk Level: Medium

Solution:
Update to version 3.0.4

Access Bypass, Discussion Boards

Moodle Unspecified Cross-Site Scripting

December 24th, 2008

Application: Moodle
Affected Version:
Vendor’s URL: Moodle
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.6.8, 1.7.6, 1.8.7, or 1.9.3.

Content Management, Cross Site Scripting

TWiki Cross-Site Scripting and Command Injection

December 24th, 2008

Application: TWiki
Affected Version:
Vendor’s URL: TWiki
Bug Type: Cross Site Scripting and Command Injection
Risk Level: Critical

Solution:
Update to version 4.2.4.

Content Management, Cross Site Scripting, Remote Command Execution

XOOPS Script Insertion and Local File Inclusion

December 24th, 2008

Application: XOOPS
Affected Version: XOOPS 2.3.x prior to 2.3.2a and XOOPS 2.3.x prior to 2.3.2b (2.3.2b addresses both issues).
Vendor’s URL: XOOPS
Bug Type: Script Insertion and Local File Inclusion
Risk Level: Critical

Solution:
Update to version 2.3.2b.

Content Management, File Inclusion

PunBB Cross-Site Scripting and SQLi

December 24th, 2008

Application: PunBB
Affected Version: version 1.3.x prior to 1.3.2.
Vendor’s URL: PunBB
Bug Type: Cross Site Scripting and SQL Injection
Risk Level: Low

Solution:
Update to version 1.3.2 or apply the hotfixes:
http://punbb.informer.com/downloads.php#1.3.2

Cross Site Scripting, Discussion Boards, SQL Injection

phpBB Tag Board Module “id” SQLi

December 24th, 2008

Application: phpBB
Affected Version: version 4.0. Other versions may also be affected.
Vendor’s URL: Tag Board Module
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Discussion Boards, SQL Injection
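Three of the entries above (the Hotel Booking System component, the Live Chat "last" parameter and the Tag Board "id" parameter) carry the same one-line fix, "edit the source code to ensure that input is properly sanitised". The following is an added example of what that edit looks like in practice for an integer request parameter; it is not code from any of those components, and the table name, rows and attacker input are constructed here. It uses an in-memory SQLite database through PDO so it runs stand-alone with the PHP CLI.

```php
<?php
// Added example, not code from the Hotel Booking, Live Chat or Tag Board components.
// Shows the concatenation bug behind a typical "id" SQL injection and the fix:
// validate the parameter's type, then bind it instead of splicing it into the query.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Constructed schema and rows standing in for a tag board / shoutbox table.
$db->exec('CREATE TABLE tagboard (id INTEGER PRIMARY KEY, author TEXT, message TEXT)');
$db->exec("INSERT INTO tagboard VALUES (1, 'alice', 'hello'), (2, 'bob', 'private note')");

// Vulnerable form: the raw request parameter is concatenated into the SQL text,
// so anything the user appends becomes part of the WHERE clause.
function fetchMessageVulnerable(PDO $db, string $id): array
{
    $sql = "SELECT id, author, message FROM tagboard WHERE id = " . $id;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: reject anything that is not a well-formed integer, then pass the
// value as a bound parameter so the database never parses it as SQL.
function fetchMessageSafe(PDO $db, string $id): array
{
    if (filter_var($id, FILTER_VALIDATE_INT) === false) {
        return []; // refuse the request rather than trying to "clean" the value
    }
    $stmt = $db->prepare('SELECT id, author, message FROM tagboard WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed attacker input for ?id=  : widens the WHERE clause to every row.
$payload = '1 OR 1=1';

printf("vulnerable: %d row(s) for id=%s\n", count(fetchMessageVulnerable($db, $payload)), $payload);
printf("hardened:   %d row(s) for id=%s\n", count(fetchMessageSafe($db, $payload)), $payload);
printf("hardened:   %d row(s) for id=2\n", count(fetchMessageSafe($db, '2')));
```

The same rule applies whatever database layer a component uses: decide the expected type first, cast or reject on that basis, and only then hand the value to a prepared statement. Escaping quotes is not enough for a numeric parameter, since the payload above contains no quotes at all.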

Drupal Storm Module SQLi

December 24th, 2008

Application: Drupal
Affected Version:
- Storm for Drupal 5 prior to 5.x-1.14
- Storm for Drupal 6 prior to 6.x-1.18
Vendor’s URL: Storm Module
Bug Type: SQL Injection
Risk Level:

Solution:
Update to version 5.x-1.14 or 6.x-1.18.

Content Management, SQL Injection

Movable Type Unspecified Cross-Site Scripting

December 24th, 2008

Application: Movable Type
Affected Version:
- Movable Type 4
- Movable Type 4 Enterprise
- Movable Type 4 Community Edition
- Movable Type 4 (Open Source)
- Movable Type 3
- Movable Type Enterprise 1.5
Vendor’s URL: Movable Type
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to the fixed release for the edition in use:
- Movable Type 4.23 (Open Source)
- Movable Type 4.23 (Professional Pack and Community Pack included)
- Movable Type Commercial 4.23 (Professional Pack included)
- Movable Type Enterprise 4.23
- Movable Type 3.38
- Movable Type Enterprise 1.56

Content Management, Cross Site Scripting

Drupal Comment Mail Module XSRF

December 24th, 2008

Application: Drupal
Affected Version: Drupal 5.x prior to 5.x-1.1.
Vendor’s URL: Comment Mail Module
Bug Type: Cross-Site Request Forgery (XSRF)
Risk Level: Critical

Solution:
Update to version 5.x-1.1.

Content Management, Cross Site Scripting

Drupal User Karma Module Cross-Site Scripting and SQLi

December 24th, 2008

Application: Drupal
Affected Version: Drupal 5.x prior to 5.x-1.13 and Drupal 6.x prior to 6.x-1.0-beta1.
Vendor’s URL: User Karma Module
Bug Type: Cross Site Scripting and SQL Injection
Risk Level: Critical

Solution:
Update to a fixed version.

Drupal 5.x:
Update to version 5.x-1.13.

Drupal 6.x:
Update to version 6.x-1.0-beta1.

Content Management, Cross Site Scripting, SQL Injection

WordPress “Host” Header RSS Feed Script Insertion

December 24th, 2008

Application: WordPress
Affected Version: versions prior to 2.6.5; only installations on IP-based virtual hosts under Apache 2.x are affected.
Vendor’s URL: WordPress
Bug Type: Script Insertion
Risk Level: Medium

Solution:
Update to version 2.6.5.

Content Management, Cross Site Scripting
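The WordPress entry above is a reminder that the HTTP Host header is client-controlled. With name-based virtual hosting an unrecognised Host value is normally routed away to the default virtual host, but an IP-based virtual host receives every request sent to its address whatever the header says, which is why the advisory limits the affected configurations the way it does. The block below is an added example, not WordPress code, of a feed self-link built from the Host header beside a version that only trusts hosts on a configured allowlist and entity-encodes the value before writing it into XML. The site URL, the allowlist and the hostile header value are constructed for the example.

```php
<?php
// Added example, not WordPress code: never let the request's Host header reach
// feed (XML) output unchecked and unescaped.
declare(strict_types=1);

// Assumed site configuration, constructed for this example.
const SITE_URL      = 'http://blog.example.org';
const ALLOWED_HOSTS = ['blog.example.org', 'www.blog.example.org'];

// Vulnerable pattern: the feed's self-link is assembled from the Host header and
// written into the XML as-is. On an IP-based virtual host any Host value arrives here.
function feedSelfLinkVulnerable(string $requestHost): string
{
    return '<link>http://' . $requestHost . '/feed/</link>';
}

// Hardened pattern: use the Host header only if it is on the allowlist, otherwise
// fall back to the configured site URL; and entity-encode whatever is emitted so
// that even an unexpected value cannot break out of the <link> element.
function feedSelfLinkSafe(string $requestHost): string
{
    $host = strtolower($requestHost);
    $base = in_array($host, ALLOWED_HOSTS, true) ? 'http://' . $host : SITE_URL;
    $url  = htmlspecialchars($base . '/feed/', ENT_QUOTES | ENT_XML1, 'UTF-8');
    return '<link>' . $url . '</link>';
}

// Constructed hostile Host header: closes the <link> element and injects markup.
$hostile = 'blog.example.org</link><script>alert(1)</script><link>';

echo feedSelfLinkVulnerable($hostile), "\n";      // injected markup is emitted verbatim
echo feedSelfLinkSafe($hostile), "\n";            // not on the allowlist: configured URL used instead
echo feedSelfLinkSafe('blog.example.org'), "\n";  // an allowed host is accepted
```

The allowlist check and the encoding are independent defences: the first keeps foreign hosts out of generated URLs (which also matters for password-reset and other absolute links), the second guarantees that nothing written into the feed can change its structure even if the first check is misconfigured.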

Gallery Cookie Handling Security Bypass

December 24th, 2008

Application: Gallery
Affected Version: Gallery 1.x versions 1.5.8-svn-b34 and later
Vendor’s URL: Gallery
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Update to version 1.5.10.

Access Bypass, Image Galleries