Archive

Archive for July, 2010

Joomla! TTVideo Component “cid” SQLi

July 29th, 2010
Comments Off

Application: Joomla!
Affected Version: version 1.0 and other versions.
Vendor’s URL: TTVideo Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:

Content Management, SQL Injection

Joomla! IT Armory Component Multiple SQLi

July 29th, 2010
Comments Off

Application: Joomla!
Affected Version: version 0.1.4 and other versions.
Vendor’s URL: IT Armory Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla Frei-Chat Component One Script Insertion

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: versions prior to 2.1.2.
Vendor’s URL: Frei-Chat Component
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 2.1.2.

Content Management, Cross Site Scripting

WordPress myLinksDump Plugin “url” SQLi

July 29th, 2010
Comments Off

Application: WordPress
Affected Version:
Vendor’s URL: myLinksDump Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla InstantPhp Jobs Component “detailed_results” SQLi

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.3.2 and other versions
Vendor’s URL: InstantPhp Jobs Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.3.3.

Content Management, SQL Injection

CMS Made Simple Download Manager Module Arbitrary File Upload

July 29th, 2010
Comments Off

Application: CMS Made Simple
Affected Version: version 1.4.1 and other versions.
Vendor’s URL: Download Manager Module
Bug Type: File Upload
Risk Level: Critical

Solution:
Restrict access to the “modules/DownloadManager/lib/simple-upload/example.php” script (e.g. via .htaccess)

Content Management, File Inclusion

Joomla AutarTimonial Component “limit” SQLi

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.0.8 and other versions.
Vendor’s URL: AutarTimonial Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

WordPress Simple:Press Plugin “value” SQLi

July 29th, 2010
Comments Off

Application: WordPress
Affected Version: version 4.3.1 and other versions.
Vendor’s URL: Simple:Press Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

WordPress WP-UserOnline Plugin Script Insertion

July 29th, 2010
Comments Off

Application: WordPress
Affected Version: Version 2.62 and other versions
Vendor’s URL: WP-UserOnline Plugin
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 2.70 or later.

Content Management, Cross Site Scripting

Joomla BookLibrary From Same Author Module “id” SQLi

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.5 and other versions.
Vendor’s URL: BookLibrary From Same Author Module
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.5_2010_06_25.

Content Management, SQL Injection

phpaaCMS “id” SQLi

July 29th, 2010
Comments Off

Application: phpaaCMS
Affected Version: version 0.3.1 UTF-8 and other versions
Vendor’s URL: phpaaCMS
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla JoomDOC Component File Disclosure

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 2.0.2 and other versions
Vendor’s URL: JoomDOC Component
Bug Type: File Disclosure
Risk Level: Medium

Solution:
Restrict access for accounts with “upload” and “edit” permissions to trusted users only.

Content Management, Information Disclosure

Joomla CKForms Component Multiple Vulnerabilities

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.3.4 and other versions
Vendor’s URL: CKForms Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised. Change the “Uploaded files path” setting to a directory outside of the web root.

Content Management, SQL Injection

Joomla BookLibrary Component Multiple SQLi

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.5.3 Basic and other versions.
Vendor’s URL: BookLibrary Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.5.3_2010_06_20.

Content Management, SQL Injection

Bigforum SQL Injection and Arbitrary File Upload

July 29th, 2010
Comments Off

Application: Bigforum
Affected Version: version 5.2 and other versions.
Vendor’s URL: Bigforum
Bug Type: SQL Injection and Arbitrary File Upload
Risk Level:

Solution:
Edit the source code to ensure that input is properly sanitised. Restrict access to the “images/avatar/” directory (e.g. via .htaccess).

Discussion Boards, File Inclusion, SQL Injection

Joomla E-portfolio Component Arbitrary File Upload

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.5.0 and other versions.
Vendor’s URL: E-portfolio Component
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, File Inclusion

Ultimate PHP Board Security Bypass and File Disclosure

July 29th, 2010
Comments Off

Application: Ultimate PHP Board
Affected Version: version 2.2.6 and other versions.
Vendor’s URL: Ultimate PHP Board
Bug Type: Security Bypass and File Disclosure
Risk Level: Medium

Solution:
Restrict access to the admin_restore.php script (e.g. via .htaccess). Edit the source code to ensure that input is properly verified.

Access Bypass, Discussion Boards, Information Disclosure

Joomla JFaq Component Multiple Vulnerabilities

July 29th, 2010
Comments Off

Application: Joomla
Affected Version: version 1.2 and other versions.
Vendor’s URL: JFaq Component
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, Cross Site Scripting