Application: Moodle
Affected Version:
Vendor’s URL: Moodle
Bug Type: Cross Site Scripting
Risk Level: Medium
Solution:
Update to version 1.8.13 or 1.9.9 or apply patches (see vendor’s advisories for details).
Application: Drupal
Affected Version: versions prior to 6.x-1.2.
Vendor’s URL: Ubercart MIGS Module
Bug Type: Security Bypass
Risk Level: Critical
Solution:
Update to version 6.x-1.2 or later.
Application: Drupal
Affected Version: versions prior to 5.x-1.6 and 6.x-1.5.
Vendor’s URL: Ogone | Ubercart Module
Bug Type: Security Bypass
Risk Level: Critical
Solution:
Update to version 5.x-1.6 or later, or 6.x-1.5 or later.
Application: CubeCart
Affected Version: CubeCart 4.3.9 and other versions.
Vendor’s URL: CubeCart
Bug Type: SQL Injection
Risk Level:
Solution:
Update to CubeCart 4.4.0 or greater.
Application: Joomla
Affected Version: version 1.0 and other versions.
Vendor’s URL: My Car Component
Bug Type: Cross Site Scripting
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Application: Joomla
Affected Version: version 1.3.0 and other versions
Vendor’s URL: BF Quiz Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 1.3.1.
Application: osCommerce
Affected Version: version 3.2.1 and other versions.
Vendor’s URL: Visitor Web Stats Module
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Application: MultiShop CMS
Affected Version:
Vendor’s URL: MultiShop CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Filter malicious characters and character sequences using a proxy.
Application: Drupal
Affected Version: versions prior to 6.x-1.2.
Vendor’s URL: AddonChat Module
Bug Type: Security Bypass and Cross Site Scripting
Risk Level: Critical
Solution:
Update to version 6.x-1.2.