Archive for December, 2011

Joomla! QContacts Component “filter_order” SQL Injection

December 29th, 2011

Application: Joomla!
Affected Version: version 1.0.6 and other versions.
Vendor’s URL: QContacts Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

WordPress SCORM Cloud For WordPress Plugin “active” SQL Injection

December 29th, 2011

Application: WordPress
Affected Version: version 1.0.6.6 and prior versions.
Vendor’s URL: SCORM Cloud For WordPress Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.0.7.

Content Management, SQL Injection

WordPress UPM Polls Plugin “PID” SQL Injection

December 29th, 2011

Application: WordPress
Affected Version: version 1.0.4 and other versions.
Vendor’s URL: UPM Polls Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

Joomla! JCE Component “name” Arbitrary File Upload

December 29th, 2011

Application: Joomla!
Affected Version: version 2.0.17 and prior versions.
Vendor’s URL: JCE Component
Bug Type: File Upload
Risk Level: Critical

Solution:
Update to version 2.0.19.

Content Management, File Inclusion

WordPress iCopyright(R) Article Tools Plugin Unspecified

December 29th, 2011

Application: WordPress
Affected Version: versions prior to 1.2.
Vendor’s URL: iCopyright(R) Article Tools Plugin
Bug Type: Unspecified
Risk Level: Critical

Solution:
Update to version 1.2 or later.

Content Management

WordPress WP Symposium Plugin Two Arbitrary File Upload

December 29th, 2011

Application: WordPress
Affected Version: version 11.11.26.
Vendor’s URL: WP Symposium Plugin
Bug Type: File Upload
Risk Level: Critical

Solution:
Update to version 11.12.24.

Content Management, File Inclusion

vtiger CRM Database Backup Authentication Bypass

December 29th, 2011

Application: vtiger CRM
Affected Version: version 5.2.1.
Vendor’s URL: Database Backup
Bug Type: Authentication Bypass
Risk Level: Critical

Solution:
Update to version 5.3.0.

Access Bypass, Content Management

WordPress Mailing List Plugin Arbitrary File Download

December 29th, 2011

Application: WordPress
Affected Version: version 1.4.1 and prior versions.
Vendor’s URL: Mailing List Plugin
Bug Type: File Download
Risk Level: Critical

Solution:
Update to version 1.4.2.

Content Management, Information Disclosure

Joomla! Fabrik Component Import CSV Arbitrary File Upload

December 1st, 2011

Application: Joomla!
Affected Version: version 2.1 and prior versions.
Vendor’s URL: Fabrik Component
Bug Type: File Upload
Risk Level: Critical

Solution:
Update to version 2.1.1.

Content Management, File Inclusion

WordPress Yet Another Photoblog Plugin “fltr[]” Command Injection

December 1st, 2011

Application: WordPress
Affected Version: version 1.9.26 and other versions.
Vendor’s URL: Yet Another Photoblog Plugin
Bug Type: Command Injection
Risk Level: Critical

Solution:
Update to version 1.10 or later.

Content Management, Remote Command Execution

WordPress WP e-Commerce Plugin Script Insertion

December 1st, 2011

Application: WordPress
Affected Version: version 3.8.7.1 and prior versions.
Vendor’s URL: WP e-Commerce Plugin
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 3.8.7.2.

Content Management, Cross Site Scripting

Joomla! obSuggest Component “controller” Local File Inclusion

December 1st, 2011

Application: Joomla!
Affected Version: versions prior to 1.8.
Vendor’s URL: obSuggest Component
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Update to version 1.8.

Content Management, File Inclusion

WordPress AdRotate Plugin “track” SQL Injection

December 1st, 2011

Application: WordPress
Affected Version: version 3.6.6 and other versions.
Vendor’s URL: AdRotate Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, SQL Injection

WordPress Zingiri Web Shop Plugin “selectedDoc[]” Code Injection

December 1st, 2011

Application: WordPress
Affected Version: version 2.2.3 and prior versions.
Vendor’s URL: Zingiri Web Shop Plugin
Bug Type: Code Injection
Risk Level: Critical

Solution:
Update to version 2.2.4.

Content Management, Remote Command Execution

vtiger CRM Multiple Local File Inclusion

December 1st, 2011

Application: vtiger CRM
Affected Version: version 5.2.1 and other versions.
Vendor’s URL: vtiger CRM
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Update to version 5.3.0 RC.

Content Management, File Inclusion

LabWiki Multiple Vulnerabilities

December 1st, 2011

Application: LabWiki
Affected Version: version 1.1 and other versions.
Vendor’s URL: LabWiki
Bug Type: Cross Site Scripting, System Access
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised and verified.

Access Bypass, Content Management, Cross Site Scripting

zenphoto Ajax File Manager Code Injection

December 1st, 2011

Application: zenphoto
Affected Version: version 1.4.1.4 and prior versions.
Vendor’s URL: Ajax File Manager
Bug Type: Code Injection
Risk Level: Critical

Solution:
Update to version 1.4.1.5 or later.

Image Galleries, Remote Command Execution

CmyDocument Content Management Multiple Vulnerabilities

December 1st, 2011

Application: CmyDocument Content Management
Affected Version: CmyDocument (2010-01-10) and other versions.
Vendor’s URL: CmyDocument Content Management
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, Cross Site Scripting, SQL Injection

Drupal Views Module SQL Injection

December 1st, 2011

Application: Drupal
Affected Version: versions prior to 6.x-2.13.
Vendor’s URL: Views Module
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 6.x-2.13 or later.

Content Management, SQL Injection