Ektron CMS Two SQL Injection
Application: Ektron CMS
Affected Version: versions prior to 9.00.
Vendor’s URL: Ektron CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Upgrade to version 9.00 or later.
Application: Ektron CMS
Affected Version: versions prior to 9.00.
Vendor’s URL: Ektron CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Upgrade to version 9.00 or later.
Application: WordPress
Affected Version: version 1.0.6 and other versions.
Vendor’s URL: Business Intelligence Lite Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 1.1.
Application: Netvolution CMS
Affected Version: version 3 and other versions.
Vendor’s URL: Netvolution CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Jorjweb
Affected Version: -
Vendor’s URL: Jorjweb
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 1.1.4 and other versions.
Vendor’s URL: The Cotton Theme
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Joomla!
Affected Version: version 1.6 and prior versions.
Vendor’s URL: AJAX Shoutbox Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 1.7.
Application: LuxCal Web Calendar
Affected Version: version 3.2.2 and other versions.
Vendor’s URL: LuxCal Web Calendar
Bug Type: Cross-Site Request Forgery and SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 3.5.5 and prior versions.
Vendor’s URL: WP SlimStat Plugin
Bug Type: Script Insertion
Risk Level: Critical
Solution:
Update to version 3.5.6.
Application: WordPress
Affected Version: versions prior to 3.3.
Vendor’s URL: Relevanssi Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 3.3 or later.
Application: Ganesha Digital Library
Affected Version: version 4.2 and other versions.
Vendor’s URL: Ganesha Digital Library
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Cory Support
Affected Version: version 1.0 and other versions.
Vendor’s URL: Cory Support
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Joomla!
Affected Version: versions prior to 1.1.
Vendor’s URL: ODude Dir Component
Bug Type: unknown
Risk Level: Critical
Solution:
Update to version 1.1.
Application: CosmoShop
Affected Version: version 10.17.00 and other versions.
Vendor’s URL: CosmoShop ePRO
Bug Type: Security Bypass
Risk Level: Critical
Solution:
No official solution is currently available.