Archive

Archive for November, 2013

Joomla! Projectfork Component “search” and “order” SQL Injection

November 29th, 2013
Comments Off

Application: Joomla!
Affected Version: versions prior to 3.0.11.
Vendor’s URL: Projectfork Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 3.0.11.

Content Management, SQL Injection

WordPress FunCaptcha Plugin Two Cross-Site Scripting

November 29th, 2013
Comments Off

Application: WordPress
Affected Version: version 0.4.3 and prior version
Vendor’s URL: FunCaptcha Plugin
Bug Type: Cross-Site Scripting
Risk Level: Medium

Solution:
Update to version 0.4.4.

Content Management, Cross Site Scripting

Drupal EU Cookie Compliance Module Unspecified Script Insertion

November 29th, 2013
Comments Off

Application: Drupal
Affected Version: versions prior to 7.x-1.12.
Vendor’s URL: EU Cookie Compliance Module
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 7.x-1.12.

Content Management, Cross Site Scripting

WHMCS “unserialize()” PHP Code Execution and Multiple Unspecified Vulnerabilities

November 29th, 2013
Comments Off

Application: WHMCS
Affected Version: versions prior to 5.1.14 and 5.2.13.
Vendor’s URL: WHMCS
Bug Type: Code Execution
Risk Level: Critical

Solution:
Update to version 5.1.14 and 5.2.13.

Access Bypass

WordPress Tweet Blender Plugin “tb_tab_index” Cross-Site Scripting

November 29th, 2013
Comments Off

Application: WordPress
Affected Version: versions prior to 4.0.2.
Vendor’s URL: Tweet Blender Plugin
Bug Type: Cross-Site Scripting
Risk Level: Critical

Solution:
Update to version 4.0.2.

Content Management, Cross Site Scripting

WordPress This Way Theme Arbitrary File Upload

November 29th, 2013
Comments Off

Application: WordPress
Affected Version: -
Vendor’s URL: This Way Theme
Bug Type: File Upload
Risk Level: Critical

Solution:
No official solution is currently available.

Content Management, File Inclusion

Joomla! Multiple Cross-Site Scripting Vulnerabilities

November 29th, 2013
Comments Off

Application: Joomla!
Affected Version: versions prior to 2.5.15, 3.1.6, and 3.2.
Vendor’s URL: Joomla!
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 2.5.15, 3.1.6, or 3.2.

Content Management, Cross Site Scripting