Application: Drupal
Affected Version: versions prior to 5.x-1.1.
Vendor’s URL: Mime Mail Module
Bug Type: Code Execution
Risk Level: Critical
Solution:
Update to version 5.x-1.1.
http://drupal.org/node/752166
Content Management, Remote Command Execution
Application: Joomla
Affected Version:
Vendor’s URL: JE Form Creator Component
Bug Type: Local File Inclusion
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly verified.
Content Management, File Inclusion
Application: Drupal
Affected Version: versions prior to 6.x-1.1.
Vendor’s URL: Email Input Filter Module
Bug Type: Code Execution
Risk Level: Critical
Solution:
Update to version 6.x-1.1 or later.
Content Management, Remote Command Execution
Application: Joomla
Affected Version: version 1.3.3 and other versions.
Vendor’s URL: JuliaPortfolio Component
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Update to version 2.1 or later.
Content Management, File Inclusion
Application: Joomla
Affected Version: version 1.0.8 and other versions.
Vendor’s URL: Ninja RSS Syndicator
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Update to version 1.0.9.
Content Management, File Inclusion
Application: Joomla
Affected Version: version 2.1.5 and other versions.
Vendor’s URL: GCalendar Component
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Content Management, File Inclusion
Application: PHP Classifieds
Affected Version: version 7.5 and other versions.
Vendor’s URL: PHP Classifieds
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
SQL Injection
Application: phpBB
Affected Version: version 3.0.7.
Vendor’s URL: phpBB
Bug Type: Security Bypass
Risk Level: version 3.0.7.
Solution:
Update to version 3.0.7PL1 or later.
Access Bypass, Discussion Boards
Application: Joomla
Affected Version: version 3.0.329 and other versions.
Vendor’s URL: MyBlog Component
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Content Management, File Inclusion
Application: Drupal
Affected Version: versions prior to 6.x-1.3 and 5.x-2.6.
Vendor’s URL: Internationalization Module
Bug Type: Code Execution
Risk Level: Critical
Solution:
Internationalization 6.x:
http://drupal.org/node/731590
Internationalization 5.x:
http://drupal.org/node/731586
Content Management, Remote Command Execution
Application: Joomla
Affected Version: version 1.1 and other versions.
Vendor’s URL: SQL Reports Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Content Management, SQL Injection