Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.01.2009
Published:01.02.2009
Source:
SecurityVulns ID:9622
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WP-Upload Manager 1.0: SQL injection, crossite scripting.
Affected:TYPO3 : TYPO3 4.0
 OPENX : OpenX 2.6
 WORDPRESS : WP-Upload Manager 1.0
 MZBSERVICES : Max.Blog 1.0
 WBNEWS : WB News 2.0
 CONPRESSO : ConPresso CMS 4.07
CVE:CVE-2009-0291 (Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.)
 CVE-2009-0258 (The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.)
 CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files to the (a) Indexed Search Engine (indexed_search) system extension; (b) unspecified test scripts in the ADOdb system extension; and (c) unspecified vectors in the Workspace module.)
 CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.)
 CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.)
 CVE-2008-3358 (Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.)
Original documentdocumentSalvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass (01.02.2009)
 documentDEBIAN, [SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution (28.01.2009)
 documentMartin Suess, SAP NetWeaver XSS Vulnerability (28.01.2009)
 documentoffice_(at)_hackattack.at, [HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS (28.01.2009)
 documentarash.setayeshi_(at)_gmail.com, Lootan(kedor) Sql Injection vulnerability (28.01.2009)
 documentarash.setayeshi_(at)_gmail.com, LDF Sql injection vulnerability (28.01.2009)
 documentHACKERS PAL, WB News v2.0.X Remote File include .. (28.01.2009)
 documentadmin_(at)_bugreport.ir, NewsCMSlite Insecure Cookie Handling (28.01.2009)
 documentSECUNIA, Secunia Research: OpenX Multiple Vulnerabilities (28.01.2009)
 documentadmin_(at)_elites0ft.com, OpenX 2.6.3 - Local File Inclusion (28.01.2009)
 documentSalvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability (28.01.2009)
 documentSalvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability (28.01.2009)
 documentMustLive, Vulnerabilities in WP-Upload Manager for WordPress (28.01.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod