Archive

Archive for January, 2011

Joomla! B2 Portfolio Component “c” SQL Injection

January 28th, 2011
Comments Off

Application: Joomla!
Affected Version: version 1.1 and other versions.
Vendor’s URL: B2 Portfolio Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

WordPress Recip.ly Plugin Arbitrary File Upload

January 28th, 2011
Comments Off

Application: WordPress
Affected Version: version 1.1.7 and other versions.
Vendor’s URL: Recip.ly Plugin
Bug Type: File Upload
Risk Level: Critical

Solution:
Edit the source code to prevent arbitrary file upload.

Content Management, File Inclusion

WordPress Uploader Plugin Two Vulnerabilities

January 28th, 2011
Comments Off

Application: WordPress
Affected Version: version 1.0.0 and other versions.
Vendor’s URL: Uploader Plugin
Bug Type: Cross Site Scripting and system access
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised. Restrict access to wp-content/plugins/uploader/uploadify/uploadify.php (e.g. via .htaccess).

Content Management, Cross Site Scripting

WordPress WP Publication Archive Plugin “file” Information Disclosure

January 28th, 2011
Comments Off

Application: WordPress
Affected Version: version 2.0.1 and other versions.
Vendor’s URL: WP Publication Archive Plugin
Bug Type: Information Disclosure
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, Information Disclosure

PHP Coupon Script “bus” SQL Injection

January 28th, 2011
Comments Off

Application: PHP Coupon Script
Affected Version: version 6.0 and other versions.
Vendor’s URL: PHP Coupon Script
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

SQL Injection

Drupal Janrain Engage Module Arbitrary File Upload

January 28th, 2011
Comments Off

Application: Drupal
Affected Version: versions prior to 6.x-1.4.
Vendor’s URL: Janrain Engage Module
Bug Type: File Upload
Risk Level: Critical

Solution:
Update to version 6.x-1.4.

Content Management, File Inclusion

Joomla! allCineVid Component “id” SQLi

January 28th, 2011
Comments Off

Application: Joomla!
Affected Version: version 1.0.0 and prior versions.
Vendor’s URL: allCineVid Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.1.0.

Content Management, SQL Injection

Joomla! Easy File Uploader Module File Upload

January 28th, 2011
Comments Off

Application: Joomla!
Affected Version: versions prior to 0.6.
Vendor’s URL: Easy File Uploader Module
Bug Type: File Upload
Risk Level: Critical

Solution:
Update to version 0.6.

Content Management, File Inclusion

TinyBB Multiple SQL Injection

January 28th, 2011
Comments Off

Application: TinyBB
Affected Version: version 1.2 and other versions.
Vendor’s URL: TinyBB
Bug Type: SQL Injection
Risk Level: Critical

Solution:
The vendor has issued an updated version 1.2, which fixes the vulnerabilities.

Discussion Boards, SQL Injection

Joomla! Joomla Captcha Plugin “lng” Information Disclosure

January 28th, 2011
Comments Off

Application: Joomla!
Affected Version: version 4.5.1
Vendor’s URL: Joomla Captcha Plugin
Bug Type: Information Disclosure
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Content Management, Information Disclosure

WordPress Mingle Forum Plugin Security Bypass and SQL Injection

January 28th, 2011
Comments Off

Application: WordPress
Affected Version: versions prior to 1.0.27.
Vendor’s URL: Mingle Forum Plugin
Bug Type: Security Bypass and SQL Injection
Risk Level: Critical

Solution:
Update to version 1.0.27.

Access Bypass, Content Management, SQL Injection

WordPress Pierre’s Wordspew Plugin SQL Injection

January 28th, 2011
Comments Off

Application: WordPress
Affected Version: version 5.61
Vendor’s URL: Pierre’s Wordspew Plugin
Bug Type: SQL Injection
Risk Level: High

Solution:
Upgrade to version 6.0 or later.

Content Management, SQL Injection