WordPress Privilege Escalation
August 20th, 2009
Comments Off
Application: WordPress
Affected Version:
Vendor’s URL: WordPress
Bug Type: Privilege Escalation
Risk Level: Medium
Solution:
Update to version 2.8.4.
Archive
Archive for the ‘Privilege Escalation’ Category
Drupal Live Module Privilege Escalation Security Issue
August 20th, 2009
Comments Off
Application: Drupal
Affected Version: versions prior to 6.x-1.2.
Vendor’s URL: Drupal Live Module
Bug Type: Privilege escalation
Risk Level: Low
Solution:
Update to version 6.x-1.2.
http://drupal.org/node/534976
Drupal Notify Module Privilege Escalation
January 19th, 2009
Comments Off
Application: Drupal
Affected Version: prior to 5.x-1.2
Vendor’s URL: Notify Module
Bug Type: Privilege Escalation
Risk Level: Medium
Solution:
Update to version 5.x-1.2.
Drupal EveryBlog Module Multiple Vulnerabilities
October 24th, 2008
Comments Off
Application: Drupal
Affected Version: all 5.x and 6.x versions.
Vendor’s URL: EveryBlog Module
Bug Type: Security Bypass, Cross Site Scripting, Privilege Escalation
Risk Level: Critical
Solution:
Use another product as all releases of the module have been removed from Drupal.org.
Access Bypass, Content Management, Cross Site Scripting, Privilege Escalation
DotNetNuke Multiple Vulnerabilities
April 18th, 2008
Comments Off
Application: DotNetNuke
Affected Version: version prior to 4.8.2.
Vendor’s URL: http://www.dotnetnuke.com/
Bug Type: Privilege escalation, access bypass
Risk Level: Critical
Solution:
Update to version 4.8.2.
http://www.dotnetnuke.com/tabid/125/default.aspx
YaBB CRLF Injection Privilege Escalation
June 15th, 2007
Application: YABB Forum
Affected Version: 2.1 or other versions may be affected
Vendor’s URL: http://www.yabbforum.com/
Bug Type: Privilege Escalation
Risk Level: Critical
Solution:
Apply patch.
http://www.yabbforum.com/community/?board=general;action=display;num=1181678785