Archive for June, 2009

Joomla Jumi Component “fileid” SQLi

June 27th, 2009

Application: Joomla Jumi Component
Affected Version: version 2.0.3 and other versions.
Vendor’s URL: Joomla Jumi Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

MyBB Script Insertion

June 27th, 2009

Application: MyBB
Affected Version: versions prior to 1.4.8.
Vendor’s URL: MyBB
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.4.8.

Cross Site Scripting, Discussion Boards

Drupal Links Package Script Insertion

June 27th, 2009

Application: Drupal
Affected Version: versions prior to version 5.x-1.13 and 6.x-1.2.
Vendor’s URL: Drupal Links Package
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 5.x-1.13 or 6.x-1.2.

http://drupal.org/node/501356
http://drupal.org/node/501360

Content Management, Cross Site Scripting

Zen Cart Administration Security Bypass

June 27th, 2009

Application: Zen Cart
Affected Version: version 1.3.8a (full fileset 12112007) and other versions.
Vendor’s URL: Zen Cart
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Apply patch.
http://www.zen-cart.com/forum/attachment.php?attachmentid=5943&d=1245789282

Access Bypass, E-Commerce

Movable Type Security Bypass and XSS

June 27th, 2009

Application: Movable Type
Affected Version: versions prior to 4.26.
Vendor’s URL: Movable Type
Bug Type: Security Bypass and Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 4.26 or later.

Access Bypass, Blogs, Cross Site Scripting

MyBB “birthdayprivacy” SQLi

June 27th, 2009

Application: MyBB
Affected Version: MyBB 1.4.x versions prior to 1.4.7.
Vendor’s URL: MyBB
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.4.7 or apply patches.
http://www.mybboard.net/downloads

Changed files:
http://mybboard.net/download/103

Manual patch instructions:
http://mybboard.net/download/104

Discussion Boards, SQL Injection

TYPO3 References Database SQLi

June 27th, 2009

Application: TYPO3
Affected Version: versions prior to 0.1.2.
Vendor’s URL: TYPO3 References Database
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 0.1.2.
http://typo3.org/extensions/repository/view/t3references/0.1.2/

Content Management, SQL Injection

SugarCRM Emails Module File Upload

June 27th, 2009

Application: SugarCRM
Affected Version:
Vendor’s URL: SugarCRM Emails Module
Bug Type: File Upload
Risk Level: Critical

Solution:
Update to version 5.2f.

Content Management, File Inclusion

Drupal Views Module Multiple Vulnerabilities

June 27th, 2009

Application: Drupal
Affected Version: versions prior to 6.x-2.6.
Vendor’s URL: Drupal Views Module
Bug Type: Cross Site Scripting and Security Bypass
Risk Level: Critical

Solution:
Update to version 6.x-2.6.
http://drupal.org/node/488082

Access Bypass, Content Management, Cross Site Scripting

Drupal Booktree Module Script Insertion

June 27th, 2009

Application: Drupal
Affected Version: versions prior to 5.x-7.3 and 6.x-1.1.
Vendor’s URL: Drupal Booktree Module
Bug Type: Cross Site Scripting
Risk Level: Low

Solution:
Update to version 5.x-7.3 or 6.x-1.1.

http://drupal.org/node/487812
http://drupal.org/node/487810

Content Management, Cross Site Scripting

Drupal Taxonomy Manager Module Script Insertion

June 27th, 2009

Application: Drupal
Affected Version: versions prior to 6.x-1.1 or 5.x-1.2.
Vendor’s URL: Drupal Taxonomy Manager Module
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 6.x-1.1 or 5.x-1.2.

http://drupal.org/node/487602
http://drupal.org/node/487620

Content Management, Cross Site Scripting

Drupal Services Module Key-based Access Security Bypass

June 27th, 2009

Application: Drupal
Affected Version: versions prior to 6.x-0.14.
Vendor’s URL: Drupal Services Module
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Update to version 6.x-0.14.
http://drupal.org/node/487784

Access Bypass, Content Management

Joomla! MooFAQ Component “file” Local File Disclosure

June 27th, 2009

Application: Joomla! MooFAQ Component
Affected Version:
Vendor’s URL: Joomla! MooFAQ Component
Bug Type: Local File Disclosure
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, File Inclusion

osCommerce Finnish Bank Payment Module Security Bypass

June 27th, 2009

Application: osCommerce Finnish Bank Payment Module
Affected Version:
Vendor’s URL: osCommerce Finnish Bank Payment Module
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Apply the vendor patch.

Access Bypass, E-Commerce

Drupal Quiz Module Script Insertion

June 27th, 2009

Application: Drupal
Affected Version: all versions of Quiz for Drupal 5.x, Quiz 6.x-2.x prior to 6.x-2.2, and Quiz 6.x-3.x prior to 6.x-3.0.
Vendor’s URL: Drupal Quiz Module
Bug Type: Script Insertion
Risk Level: Medium

Solution:
Update to Quiz 6.x-2.2 or Quiz 6.x-3.0.

http://drupal.org/node/481270
http://drupal.org/node/481274

Content Management, Cross Site Scripting

Joomla! Script Insertion and XSS

June 27th, 2009

Application: Joomla!
Affected Version: 1.5.10 and all prior 1.5.x releases.
Vendor’s URL: Joomla!
Bug Type: Script Insertion and Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.5.11.
http://www.joomla.org/download.html

Content Management, Cross Site Scripting

osCommerce Luottokunta Module Security Bypass

June 27th, 2009

Application: osCommerce Luottokunta Module
Affected Version: versions prior to 1.3.
Vendor’s URL: osCommerce Luottokunta Module
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Update to version 1.3.
http://addons.oscommerce.com/info/3698

Access Bypass, E-Commerce

Simple Machines Forum BMP Uploads XSS

June 27th, 2009

Application: Simple Machines Forum
Affected Version: version 1.1.18 and other versions.
Vendor’s URL: Simple Machines Forum
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.1.19.

Cross Site Scripting, Discussion Boards

Vanilla “RequestName” XSS

June 27th, 2009

Application: Vanilla
Affected Version: versions prior to 1.0.8.
Vendor’s URL: Vanilla
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.0.8.
http://lussumo.com/download.php?Get=Vanilla

Cross Site Scripting, Discussion Boards

Drupal Ajax Session Module XSS and XSRF

June 27th, 2009

Application: Drupal
Affected Version: version 5.x-1.0 and other versions.
Vendor’s URL: Drupal Ajax Session Module
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitised and requests are properly verified.

The Drupal Security Team recommends removing the plugin.

Content Management, Cross Site Scripting