Exabytes Security Portal

Joomla Community Polls Component “controller” File Inclusion

TL Guan — Tue, 23 Feb 2010 08:27:06 +0000

Application: Joomla
Affected Version: versions prior to 1.5.3.
Vendor’s URL: Community Polls Component
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Update to version 1.5.3 or later.

Drupal Content Distribution Module Multiple Vulnerabilities

TL Guan — Tue, 23 Feb 2010 08:25:45 +0000

Application: Drupal
Affected Version: versions prior to 6.x-1.3.
Vendor’s URL: Content Distribution Module
Bug Type:
Risk Level: Critical

Solution:
Update to version 6.x-1.3.

Joomla! Core Design Scriptegrator Plugin Multiple File Inclusion

TL Guan — Tue, 23 Feb 2010 08:22:52 +0000

Application: Joomla!
Affected Version: version 1.4.1 and other versions.
Vendor’s URL: Core Design Scriptegrator Plugin
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla RWCards Component “controller” File Inclusion

TL Guan — Tue, 23 Feb 2010 08:21:16 +0000

Application: Joomla
Affected Version: version 3.0.18 and other versions.
Vendor’s URL: RWCards Component
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla Webee Comments Component “articleId” SQLi

TL Guan — Tue, 23 Feb 2010 08:19:53 +0000

Application: Joomla
Affected Version: version 2.0 and other versions.
Vendor’s URL: Webee Comments Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla JQuarks Component “id” SQLi

TL Guan — Tue, 23 Feb 2010 08:18:18 +0000

Application: Joomla
Affected Version: version 0.2.3 and other versions.
Vendor’s URL: JQuarks Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 0.2.4 or later.

Joomla AllVideos Plugin “file” Information Disclosure

TL Guan — Tue, 23 Feb 2010 08:17:09 +0000

Application: Joomla
Affected Version: version 3.1
Vendor’s URL: AllVideos Plugin
Bug Type: Information Disclosure
Risk Level: Critical

Solution:
Update to version 3.3 or later.

Drupal Graphviz Filter Module Arbitrary Command Execution

TL Guan — Tue, 23 Feb 2010 08:15:28 +0000

Application: Drupal
Affected Version: versions prior to 6.x-1.6 and 5.x-1.3.
Vendor’s URL: Graphviz Filter Module
Bug Type: Command Execution
Risk Level: Critical

Solution:
If you use Graphviz Filter 6.x-1.x, upgrade to Graphviz Filter 6.x-1.6.
If you use Graphviz Filter 5.x-1.x, upgrade to Graphviz Filter 5.x-1.3.

odlican.net CMS Arbitrary File Upload

TL Guan — Tue, 23 Feb 2010 08:12:37 +0000

Application: odlican.net CMS
Affected Version: version 1.5.
Vendor’s URL: odlican.net CMS
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Reportedly fixed in version 1.6.

Joomla Productbook Component “id” SQLi

TL Guan — Tue, 23 Feb 2010 08:11:15 +0000

Application: Joomla
Affected Version: version 1.0.4
Vendor’s URL: Productbook Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla JEvents Search Plugin SQLi

TL Guan — Tue, 23 Feb 2010 08:10:09 +0000

Application: Joomla
Affected Version: versions prior to 1.5.3b
Vendor’s URL: JEvents Search Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.5.3b or later.

Joomla! jVideoDirect Component “v” SQLi

TL Guan — Tue, 23 Feb 2010 08:08:51 +0000

Application: Joomla!
Affected Version: version 1.1RC3b and other versions.
Vendor’s URL: jVideoDirect Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla! Documents Seller Component “category_id” SQLi

TL Guan — Tue, 23 Feb 2010 08:07:30 +0000

Application: Joomla!
Affected Version: version 2.5.1 and other versions.
Vendor’s URL: Documents Seller Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Filter malicious characters and character sequences using a proxy.

Joomla! JE Event Calendars Component “event_id” SQLi

TL Guan — Tue, 23 Feb 2010 08:06:19 +0000

Application: Joomla
Affected Version: version 1.0
Vendor’s URL: JE Event Calendars Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla ccNewsletter Component “controller” File Inclusion

TL Guan — Tue, 23 Feb 2010 08:03:40 +0000

Application: Joomla
Affected Version: version 1.0.5
Vendor’s URL: ccNewsletter Component
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Update to version 1.0.6.

LightOpenCMS “cwd” File Inclusion

TL Guan — Wed, 27 Jan 2010 03:31:12 +0000

Application: LightOpenCMS
Affected Version: version 0.1 and other versions
Vendor’s URL: LightOpenCMS
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.
Set “register_globals” to “Off”.

Joomla! Component Ozio Gallery “writeToFile.php” File Manipulation

TL Guan — Wed, 27 Jan 2010 03:26:07 +0000

Application: Joomla!
Affected Version: versions prior to 2.3.
Vendor’s URL: Ozio Gallery
Bug Type: File Manipulation
Risk Level: Critical

Solution:
Update to version 2.3.
http://www.joomla.it/download/oziogallery.html

Joomla JBDiary Component Multiple SQLi

TL Guan — Wed, 27 Jan 2010 03:09:18 +0000

Application: Joomla
Affected Version: version 1.6 and other versions.
Vendor’s URL: JBDiary Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla Document Seller for Docman Component “id” SQLi

TL Guan — Wed, 27 Jan 2010 03:07:45 +0000

Application: Joomla
Affected Version: version 2.1
Vendor’s URL: Document Seller for Docman Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla jEmbed-Embed Anything Component “catid” SQLi

TL Guan — Wed, 27 Jan 2010 03:06:20 +0000

Application: Joomla
Affected Version:
Vendor’s URL: jEmbed-Embed Anything Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla! TPJobs Component “id_c[]” SQLi

TL Guan — Wed, 27 Jan 2010 03:04:59 +0000

Application: Joomla
Affected Version: versions prior to 1.1
Vendor’s URL: TPJobs Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.1.

Xoops XSS and SQLi

TL Guan — Wed, 27 Jan 2010 03:02:20 +0000

Application: Xoops
Affected Version: version 2.4.2 and prior versions.
Vendor’s URL: Xoops
Bug Type: Cross Site Scripting and SQL Injection
Risk Level: Medium

Solution:
Update to version 2.4.3.

Joomla iF Portfolio Nexus Component “controller” File Inclusion

TL Guan — Wed, 27 Jan 2010 03:00:54 +0000

Application: Joomla
Affected Version: version 1.5
Vendor’s URL: iF Portfolio Nexus Component
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified.

Joomla! BeeHeard Component “category_id” SQLi

TL Guan — Wed, 27 Jan 2010 02:59:28 +0000

Application: Joomla!
Affected Version:
Vendor’s URL: BeeHeard Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Filter malicious characters and character sequences using a proxy.

WordPress Woopra Analytics Plugin Arbitrary File Creation

TL Guan — Thu, 24 Dec 2009 08:15:34 +0000

Application: WordPress
Affected Version:
Vendor’s URL: Woopra Analytics Plugin
Bug Type: System Access
Risk Level: Critical

Solution:
Update to version 1.4.3.2.

Remove ofc_upload_image.php file from the Open Flash Chart directory.

Joomla JEEMA Article Collection Component “catid” SQLi

TL Guan — Thu, 24 Dec 2009 08:13:15 +0000

Application: Joomla
Affected Version: version 1.0.0.1 and other versions.
Vendor’s URL: JEEMA Article Collection Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Joomla JoomPortfolio Component “secid” SQLi

TL Guan — Thu, 24 Dec 2009 08:11:03 +0000

Application: Joomla
Affected Version: version 1.0.0 and other versions.
Vendor’s URL: JoomPortfolio Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

WP-Forum Multiple SQLi

TL Guan — Thu, 24 Dec 2009 08:09:13 +0000

Application: WP-Forum
Affected Version: versions 2.3 and 2.4 and other versions.
Vendor’s URL: WP-Forum
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Invision Power Board Script Insertion and SQLi

TL Guan — Thu, 24 Dec 2009 08:05:37 +0000

Application: Invision Power Board
Affected Version: version 2.3.6 and other versions.
Vendor’s URL: Invision Power Board
Bug Type: Script Insertion and SQL Injection
Risk Level: Medium

Solution:
Upgrade to version 3.0.5 or later.

Joomla JPhoto Component “id” SQLi

TL Guan — Thu, 24 Dec 2009 07:43:46 +0000

Application: Joomla
Affected Version: version 1.0
Vendor’s URL: JPhoto Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 1.1 or later.