Archive

Archive for August, 2010

Joomla! Zoom Portfolio Component “id” SQL Injection

August 25th, 2010
Comments Off

Application: Joomla!
Affected Version: version 1.5 and other versions.
Vendor’s URL: Zoom Portfolio Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla JGrid Component File Inclusion and SQL Injection

August 25th, 2010
Comments Off

Application: Joomla
Affected Version: Version 1.0 and other versions.
Vendor’s URL: JGrid Component
Bug Type: File Inclusion and SQL Injection
Risk Level: Critical

Solution:
Update to version 1.1.

Content Management, File Inclusion, SQL Injection

Free Simple CMS Remote File Inclusion

August 25th, 2010
Comments Off

Application: Free Simple CMS
Affected Version: version 1.0 and other versions.
Vendor’s URL: Free Simple CMS
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, File Inclusion

CMSQLite Arbitrary File Upload and Security Bypass

August 25th, 2010
Comments Off

Application: CMSQLite
Affected Version: version 1.3.1 and other versions.
Vendor’s URL: CMSQLite
Bug Type: File Upload and Security Bypass
Risk Level: Critical

Solution:
Restrict access to the “admin” directory (e.g. via a “.htaccess” file).

Access Bypass, Content Management, File Inclusion

Joomla onGallery Component “id” SQLi

August 25th, 2010
Comments Off

Application: Joomla
Affected Version: version 2.0.1 and other versions.
Vendor’s URL: onGallery Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

CMS Source Multiple Vulnerabilities

August 25th, 2010
Comments Off

Application: CMS Source
Affected Version: version 3.0 and other versions.
Vendor’s URL: CMS Source
Bug Type: Cross Site Scripting and SQL Injection
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitised and verified.

Content Management, Cross Site Scripting, SQL Injection

Pligg Multiple SQLi

August 25th, 2010
Comments Off

Application: Pligg
Affected Version: version 1.1.0 and other versions.
Vendor’s URL: Pligg
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.1.1.

Content Management, SQL Injection

Joomla! Teams Component “PlayerID” SQLi

August 25th, 2010
Comments Off

Application: Joomla!
Affected Version: Version 1 and other versions.
Vendor’s URL: Teams Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla! Amblog Component “catid” and “articleid” SQLi

August 25th, 2010
Comments Off

Application: Joomla!
Affected Version: version 1.0 and other versions.
Vendor’s URL: Amblog Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, Session Hijacking, SQL Injection

Joomla! cgTestimonial Component Cross-Site Scripting and Arbitrary File Upload

August 25th, 2010
Comments Off

Application: Joomla!
Affected Version: version 1.0 and other versions.
Vendor’s URL: cgTestimonial Component
Bug Type: Cross Site Scripting and File Upload
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised. Restrict access to the components/com_cgtestimonial/user_images directory (e.g. via .htaccess)

Content Management, Cross Site Scripting, File Inclusion

WordPress NextGEN Smooth Gallery Plugin “galleryID” SQLi

August 25th, 2010
Comments Off

Application: WordPress
Affected Version: version 1.2 and other versions.
Vendor’s URL: NextGEN Smooth Gallery Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla! Spielothek Component Multiple SQLi

August 25th, 2010

Application: Joomla!
Affected Version: version 1.6.9 and other versions.
Vendor’s URL: Spielothek Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

EasyManage CMS “id” Two SQL Injections

August 25th, 2010
Comments Off

Application: EasyManage CMS
Affected Version:
Vendor’s URL: EasyManage CMS
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Reportedly a patch has been released. Contact the vendor for further information.

Content Management, SQL Injection