Joomla! Maian Media Silver “cat” SQL Injection
Application: Joomla!
Affected Version:
Vendor’s URL: Maian Media Silver
Bug Type: SQL Injection
Risk Level: Critical
Solution:
An update has been made available by the vendor.
Application: WordPress
Affected Version: version 5.32 and other versions.
Vendor’s URL: Event Registration Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Application: TFT Gallery
Affected Version: version 0.13.1
Vendor’s URL: TFT Gallery
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly verified.
Application: Joomla!
Affected Version: version 1.1 and other versions.
Vendor’s URL: Flip Wall Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Application: Joomla!
Affected Version: version 1.1
Vendor’s URL: Sponsor Wall Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitised.
Application: WordPress
Affected Version: version 11.5
Vendor’s URL: cformsII Plugin
Bug Type: Cross Site Scripting
Risk Level: Critical
Solution:
Update to version 11.6.1 or later.
Application: XWiki Enterprise
Affected Version: versions prior to 2.5.
Vendor’s URL: XWiki Enterprise
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical
Solution:
Update to version 2.5.
Application: Zen Cart
Affected Version: version 1.3.9h and other versions
Vendor’s URL: Zen Cart
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly verified. Enable the usage of “.htaccess” files.
Application: WordPress
Affected Version: version 0.1.10
Vendor’s URL: DB Toolkit Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
Restrict access to the wp-content/plugins/db-toolkit/data_form/fieldtypes/file/scripts/uploadify.php script (e.g. via .htaccess).
Application: Joomla!
Affected Version: version 1.0.5
Vendor’s URL: RSForm! Component
Bug Type: File Inclusion and SQL Injection
Risk Level: Critical
Solution:
Update to version 1.0.6.