Computer Security
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 09.04.2012
Source:
SecurityVulns ID: 12316
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: COPPERMINE : Coppermine 1.5
 PHPMYADMIN : phpMyAdmin 3.4
 VBULLETIN : Vbulletin 4.1
 TYPO3 : typo3 4.5
 APACHE : Wicket 1.4
 UMBARCO : Umbraco 4.7
 UPLOADIFY : Uploadify 2.1
 UPLOADIFY : Uploadify 3.0
 DIRECTADMIN : DirectAdmin 1.403
 FLATNUX : Flatnux CMS 2011
 MANAGENGINE : Firewall Analyzer 7.2
 LANDSHOP : Landshop 0.9
 WORDPRESS : Buddypress 1.5
 ASTARO : Astaro Command Center 2.0
 OSCMAX : osCmax 2.5
 HBPORTAL : hbportal 0.1
 PHPPALEO : phppaleo 4.8
 TUFIN : SecureTrack 6.1
 TRYTON : tryton 2.2
 INVISIONPOWER : Invision Power Board 3.2
 NEXTBBS : NextBBS 0.6
 PHPMONEYBOOKS : phpMoneyBooks 1.0
 PHPGRADEBOOK : php-gradebook 1.9
 APACHE : Wicket 1.5
 OJS : Open Journal Systems 2.3
 SEDITO : Seditio 165
 MINIFY : Minify 2.1
CVE: CVE-2012-1902 (show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file.)
 CVE-2012-1673 (SQL injection vulnerability in loginscript.php in e-ticketing allows remote attackers to execute arbitrary SQL commands via the password parameter.)
 CVE-2012-1672 (SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 allows remote attackers to execute arbitrary SQL commands via the country parameter.)
 CVE-2012-1671 (Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.)
 CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote attackers to read the database via a SaveSQL action.)
 CVE-2012-1669 (Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.)
 CVE-2012-1665 (Multiple SQL injection vulnerabilities in the admin panel in osCMax before 2.5.1 allow (1) remote attackers to execute arbitrary SQL commands via the username parameter in a process action to admin/login.php or (2) remote administrators to execute arbitrary SQL commands via the status parameter to admin/stats_monthly_sales.php or (3) country parameter in a process action to admin/create_account_process.php.)
 CVE-2012-1664 (Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in a process action to admin/login.php; (2) pageTitle, (3) current_product_id, or (4) cPath parameter to admin/new_attributes_include.php; (5) sb_id, (6) sb_key, (7) gc_id, (8) gc_key, or (9) path parameter to admin/htaccess.php; (10) title parameter to admin/information_form.php; (11) search parameter to admin/xsell.php; (12) gross or (13) max parameter to admin/stats_products_purchased.php; (14) status parameter to admin/stats_monthly_sales.php; (15) sorted parameter to admin/stats_customers.php; (16) information_id parameter to /admin/information_manager.php; or (17) zID parameter to /admin/geo_zones.php.)
 CVE-2012-1608 (The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.)
 CVE-2012-1607 (The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.)
 CVE-2012-1606 (Multiple cross-site scripting (XSS) vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2012-1469 (Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems before 2.3.7 allow remote attackers and remote authenticated users to inject arbitrary web script or HTML via the (1) editor or (2) callback parameters to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php in the iBrowser plugin, (3) authors[][url] parameter to index.php, or (4) Bio Statement or (5) Abstract of Submission fields to the stripUnsafeHtml function in lib/pkp/classes/core/String.inc.php.)
 CVE-2012-1468 (Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.)
 CVE-2012-1467 (Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. (dot dot) in the param parameter to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php.)
 CVE-2012-1301
 CVE-2012-1190 (Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.)
 CVE-2012-1089 (Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.)
 CVE-2012-0215 (model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) write, (3) delete, or (4) copy rpc call.)
 CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.)
Original document:
 Ayoub Aboukir, Minify and related plugins DOM-Based XSS Vulnerability (09.04.2012)
 MustLive, XSS and Brute Force vulnerabilities in WordPress (09.04.2012)
 MustLive, Brute Force and XSS vulnerability in Wordpress (09.04.2012)
 chin4b0y, seditio165_CSRF_and_world_readble_db_dumpissuses (09.04.2012)
 High-Tech Bridge Security Research, Multiple vulnerabilities in Open Journal Systems (OJS) (09.04.2012)
 voidloafer_(at)_gmail.com, struts2 xsltResult Local code execution vulnerability (09.04.2012)
 APACHE, [CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter (09.04.2012)
 APACHE, [CVE-2012-1089] Apache Wicket serving of hidden files vulnerability (09.04.2012)
 gabor.berczi_(at)_devworx.hu, Prado TJavaScript::encode() script injection vulnerability (09.04.2012)
 Mark Stanislav, 'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) (09.04.2012)
 Mark Stanislav, 'phpMoneyBooks' Local File Inclusion (CVE-2012-1669) (09.04.2012)
 demonalex_(at)_163.com, Matthew1471s ASP BlogX - XSS Vulnerabilities (09.04.2012)
 Janek Vind, [waraxe-2012-SA#080] - Multiple Vulnerabilities in NextBBS 0.6.0 (09.04.2012)
 Netsparker Advisories, Cross-site scripting vulnerability in Invision Power Board version 3.2.3 (09.04.2012)
 DEBIAN, [SECURITY] [DSA 2444-1] tryton-server security update (09.04.2012)
 Janek Vind, [waraxe-2012-SA#081] - Multiple Vulnerabilities in Coppermine 1.5.18 (09.04.2012)
 Ewerson Guimarães (Crash) - Dclabs, [DCA-2011-0016] - Tufin SecureTrack Cross Site Script (09.04.2012)
 Mark Stanislav, 'Hotel Booking Portal' SQL Injection (CVE-2012-1672) (09.04.2012)
 Mark Stanislav, 'phpPaleo' Local File Inclusion (CVE-2012-1671) (09.04.2012)
 Mark Stanislav, 'e-ticketing' SQL Injection (CVE-2012-1673) (09.04.2012)
 High-Tech Bridge Security Research, Multiple vulnerabilities in osCmax (09.04.2012)
 Vulnerability Lab, Astaro Command Center v2.x - Multiple Web Vulnerabilities (09.04.2012)
 MANDRIVA, [ MDVSA-2012:050 ] phpmyadmin (09.04.2012)
 ivan_terkin_(at)_yahoo.com, SQL injection in Wordpress plugin Buddypress (09.04.2012)
 DEBIAN, [SECURITY] [DSA 2445-1] typo3-src security update (09.04.2012)
 Vulnerability Lab, Landshop v0.9.2 - Multiple Web Vulnerabilities (09.04.2012)
 Vulnerability Lab, ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities (09.04.2012)
 Vulnerability Lab, Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities (09.04.2012)
 Janek Vind, DirectAdmin v1.403 - Cross Site Scripting Vulnerability (09.04.2012)
 Janek Vind, [waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4 (09.04.2012)
 Janek Vind, [waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0 (09.04.2012)
 Amir_(at)_irist.ir, Wordpress taggator plugin Sql Injection Vulnerabilities (09.04.2012)
 Amir_(at)_irist.ir, vBulletin 4.1.10 Sql Injection Vulnerabilitiy (09.04.2012)
 Florent Daigniere, [MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 (09.04.2012)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod