Ektron CMS Two SQL Injection
Application: Ektron CMS
Affected Version: versions prior to 9.00.
Vendor’s URL: Ektron CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Upgrade to version 9.00 or later.
Application: Ektron CMS
Affected Version: versions prior to 9.00.
Vendor’s URL: Ektron CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Upgrade to version 9.00 or later.
Application: Netvolution CMS
Affected Version: version 3 and other versions.
Vendor’s URL: Netvolution CMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Jorjweb
Affected Version: -
Vendor’s URL: Jorjweb
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Joomla!
Affected Version: version 1.6 and prior versions.
Vendor’s URL: AJAX Shoutbox Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 1.7.
Application: LuxCal Web Calendar
Affected Version: version 3.2.2 and other versions.
Vendor’s URL: LuxCal Web Calendar
Bug Type: Cross-Site Request Forgery and SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: versions prior to 3.3.
Vendor’s URL: Relevanssi Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 3.3 or later.
Application: Ganesha Digital Library
Affected Version: version 4.2 and other versions.
Vendor’s URL: Ganesha Digital Library
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Cory Support
Affected Version: version 1.0 and other versions.
Vendor’s URL: Cory Support
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Joomla!
Affected Version: versions 2.5.18, 3.2.1 and 3.2.2
Vendor’s URL: Joomla!
Bug Type: Security Bypass, Cross Site Scripting, SQL Injection
Risk Level: Critical
Solution:
Update to version 2.5.19 or 3.2.3.
Access Bypass, Content Management, Cross Site Scripting, SQL Injection
Application: WordPress
Affected Version: version 7.0.2 and prior versions.
Vendor’s URL: Search Everything Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 7.0.3 or later.
Application: WordPress
Affected Version: AdRotate Free version 3.9.4 and reported in AdRotate Pro versions prior to 3.9.6.
Vendor’s URL: AdRotate Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to a fixed version.
Application: Joomla!
Affected Version: version 3.0.2 and prior versions
Vendor’s URL: JV Comment Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 3.0.3.
Application: Joomla!
Affected Version: version 1.0.8 and prior versions.
Vendor’s URL: Sexy Polling Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 1.0.9.
Application: InstantCMS
Affected Version: versions 1.10.3 and prior.
Vendor’s URL: InstantCMS
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Apply patch.
Application: WordPress
Affected Version: version 1.3 and other versions.
Vendor’s URL: FormCraft Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: MyBB
Affected Version: versions prior to 1.6.12.
Vendor’s URL: MyBB
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical
Solution:
Update to version 1.6.12.
Application: Joomla!
Affected Version: versions prior to 3.0.11.
Vendor’s URL: Projectfork Component
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 3.0.11.
Application: Bilboplanet
Affected Version: version 2.0 and other versions.
Vendor’s URL: Bilboplanet
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 1.2.3 and prior versions.
Vendor’s URL: Landing Pages Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 1.2.3 (10/09/13).
Application: glFusion
Affected Version: version 1.3.0 and prior versions.
Vendor’s URL: glFusion
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 1.3.1.