Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.12.2011
Source:
SecurityVulns ID:12117
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPMYADMIN : phpMyAdmin 3.4
 TIKI : Tiki Wiki CMS Groupware 8.2
 EPESIBIM : epesi BIM 1.2
 OBM : obm 2.4
 PHPSHOP : PHPShop CMS Free 3.4
 MEDIAWIKI : mediawiki 1.16
 DTC : dtc 0.34
 BOOKINGCALENDAR : PHP Booking Calendar 10e
 SASHA : SASHA 0.2
 APPRAIN : appRain CMF 0.1
 NOVELL : Sentinel Log Manager 1.2
CVE:CVE-2011-4782 (Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.)
 CVE-2011-4551 (Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters.)
 CVE-2011-4361 (MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree, ExtTab, and InlineEditor extensions.)
 CVE-2011-4360 (MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.)
 CVE-2011-3199 (Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message body of a support ticket or unspecified vectors to the (2) DNS and (3) MX form, as demonstrated by the "Domain root TXT record:" field.)
 CVE-2011-3198 (Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arguments.)
 CVE-2011-3197 (SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector.)
 CVE-2011-3196 (The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file.)
 CVE-2011-3195 (shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.)
 CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.)
 CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.)
 CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information by using the \2f\2a and \2a\2f hex strings to surround CSS comments.)
 CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character.)
Original documentdocumentAndrea Fabrizi, Novell Sentinel Log Manager <=1.2.0.1 Path Traversal (26.12.2011)
 documentVulnerability Lab, appRain CMF v0.1.5 - Multiple Web Vulnerabilities (26.12.2011)
 documenttom, SASHA v0.2.0 Mutiple XSS (26.12.2011)
 documenttom, PHP Booking Calendar 10e XSS (26.12.2011)
 documentDEBIAN, [SECURITY] [DSA 2365-1] dtc security update (26.12.2011)
 documentDEBIAN, [SECURITY] [DSA 2366-1] mediawiki security update (26.12.2011)
 documentHigh-Tech Bridge Security Research, Multiple vulnerabilities in PHPShop CMS Free (26.12.2011)
 documentsecurity_(at)_infoserve.de, Tiki Wiki CMS Groupware Stored Cross-Site-Scripting (26.12.2011)
 documentHigh-Tech Bridge Security Research, Multiple vulnerabilities in epesi BIM (26.12.2011)
 documentTrustwave Advisories, TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin (26.12.2011)
 documentn0b0d13s_(at)_gmail.com, Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection (26.12.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod