Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 09.09.2013
Source:
SecurityVulns ID: 13263
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: CACTI : cacti 0.8
 COTONI : Cotonti 0.9
 APACHE : Struts 2.3
 SILVERSTRIPE : SilverStripe CMS 3.0
 PHPMYADMIN : phpmyadmin 3.5
 MCIMAGEMANAGER : Moxiecode Image Manager 3.1
 ALMACOR : aCMS 1.0
 OTRS : otrs 3.2
 JOOMLA : Joomla 3.1
 SOLTECH : Soltech.CMS 0.4
 GDD : GDD FLVPlayer 3.635
 AVAYA : Avaya IP Office Customer Call Reporter 8.0
 AVAYA : Avaya IP Office Customer Call Reporter 9.0
 VOLTEDIT : VoltEdit 26.0
 GROUPLINK : GroupLink everything HelpDesk 10.0
 INDIANIC : Testimonial 2.2
 CAPASYSTEMS : Performance Guard 6.2
 LCMS : lcms 1.19
 DJANGO : django 1.5
 JOOMLA : VirtueMart 2.0
 DEWES : DeWeS 0.4
 STRATA : Twilight CMS 5.17
 WORDPRESS : BackWPup 3.0
 XYMON : Xymon 4.2
 CAKEPHP : CakePHP 2.3
 JOOMLA : redSHOP 1.2
 PHPFOX : PHPFox 3.6
 TRUSTPORT : Trustport Webfilter 5.5
 APACHE : CloudStack 4.1
 BIGTREE : BigTree CMS 2.0
 SOCIALENGINE : SocialEngine 4.5
 WORDPRESS : Usernoise 3.7
 JOOMLA : JSE Event 1.0
 JOOMLA : Sectionix 2.5
 OWNCLOUD : owncloud 5.0
 VTIGER : vTiger CMS 5.4
 JAHIA : Jahia xCM 6.6
 MOJOPORTAL : MojoPortal 2.3
 WORDPRESS : Better WP Security 3.5
CVE: CVE-2013-5589 (SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.)
 CVE-2013-5588 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php.)
 CVE-2013-5216 (Directory traversal vulnerability in logreader/uploadreader.jsp in CapaSystems Performance Guard before 6.2.102 allows remote attackers to read arbitrary files via unspecified vectors.)
 CVE-2013-5003 (Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via (1) the scale parameter to pmd_pdf.php or (2) the pdf_page_number parameter to schema_export.php.)
 CVE-2013-5002 (Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schema_export.php.)
 CVE-2013-5000 (phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.)
 CVE-2013-4998 (phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.)
 CVE-2013-4996 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a crafted logo URL in the navigation panel, (4) a crafted entry in a certain proxy list, or (5) crafted content in a version.json file.)
 CVE-2013-4995 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.)
 CVE-2013-4900 (Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.)
 CVE-2013-4899 (Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.)
 CVE-2013-4898 (Unrestricted file upload vulnerability in the user profile page feature in the Timeline Plugin 4.2.5p9 for SocialEngine allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in public/temporary/timeline/.)
 CVE-2013-4880 (Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.)
 CVE-2013-4879 (SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php.)
 CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.)
 CVE-2013-4717
 CVE-2013-4626 (Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.)
 CVE-2013-4624 (Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM 6.6.1.0 before hotfix 7 allow remote attackers to inject arbitrary web script or HTML via (1) the site parameter to engines/manager.jsp, (2) the searchString parameter to administration/ in a search action, or the (3) username, (4) firstName, (5) lastName, (6) email, or (7) organization field to administration/ in a users action.)
 CVE-2013-4276 (Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.)
 CVE-2013-4249 (Cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbitrary web script or HTML via a URLField.)
 CVE-2013-4173 (Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitrary files via a .. (dot dot) in the host name in a "drophost" command.)
 CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.)
 CVE-2013-4152 (The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.)
 CVE-2013-3215
 CVE-2013-3214
 CVE-2013-3213 (Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_list method to soap/customerportal.php, or (3) emailaddress parameter in the SearchContactsByEmail method to soap/vtigerolservice.php; or remote authenticated users to execute arbitrary SQL commands via the (4) emailaddress parameter in the SearchContactsByEmail method to soap/thunderbirdplugin.php.)
 CVE-2013-3212
 CVE-2013-2653 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.)
 CVE-2013-2251 (Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.)
 CVE-2013-2248 (Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.)
 CVE-2013-2136 (Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizard; (2) New network name, (3) instance name, or (4) group to the Instance wizard; (5) unspecified "multi-edit fields;" and (6) unspecified "list view" edit fields related to global settings.)
 CVE-2013-1435 ((1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.)
 CVE-2013-1434 (Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors.)
Original documents: NCC Group Research, NGS00500 Technical Advisory: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE (09.09.2013)
 MANDRIVA, [ MDVSA-2013:203 ] phpmyadmin (09.09.2013)
 vulns_(at)_dionach.com, MojoPortal XSS (09.09.2013)
 High-Tech Bridge Security Research, Multiple XSS Vulnerabilities in Jahia xCM (09.09.2013)
 High-Tech Bridge Security Research, SQL Injection in Cotonti (09.09.2013)
 Egidio Romano, [KIS-2013-08] vtiger CRM <= 5.4.0 (SOAP Services) Authentication Bypass Vulnerability (09.09.2013)
 Egidio Romano, [KIS-2013-07] vtiger CRM <= 5.4.0 (vtigerolservice.php) PHP Code Injection Vulnerability (09.09.2013)
 Egidio Romano, [KIS-2013-06] vtiger CRM <= 5.4.0 (SOAP Services) Multiple SQL Injection Vulnerabilities (09.09.2013)
 Egidio Romano, [KIS-2013-05] vtiger CRM <= 5.4.0 (customerportal.php) Two Local File Inclusion Vulnerabilities (09.09.2013)
 Rustein, Fara Denise (LATCO - Buenos Aires), SilverStripe(R) Information Exposure Through Query Strings in GET Request (CWE-598) (09.09.2013)
 Emilio Pinna, Joomla core <= 3.1.5 reflected XSS vulnerability (09.09.2013)
 MANDRIVA, [ MDVSA-2013:206 ] owncloud (09.09.2013)
 matias.fontanini_(at)_gmail.com, Joomla com_sectionex v2.5.96 SQL Injection vulnerabilities (09.09.2013)
 samelat_(at)_gmail.com, Joomseller "Events Booking Pro" and "JSE Event" reflected XSS (09.09.2013)
 roguecoder_(at)_hush.com, Usernoise 3.7.8 WP plugin cross-site scripting vulnerability (09.09.2013)
 High-Tech Bridge Security Research, Multiple Vulnerabilities in BigTree CMS (09.09.2013)
 APACHE, Updated [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerabiliity (09.09.2013)
 Oliver Karow, Trustport Webfilter Remote File Access Vulnerability (09.09.2013)
 matias.fontanini_(at)_gmail.com, PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities (09.09.2013)
 matias.fontanini_(at)_gmail.com, Joomla! redSHOP component v1.2 SQL Injection (09.09.2013)
 roguecoder_(at)_hush.com, [RCA-201308-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities (09.09.2013)
 vuln-report_(at)_secur3.us, ReviewBoard Vulnerabilities (09.09.2013)
 mbsdtest01_(at)_gmail.com, Struts2 Prefixed Parameters OGNL Injection Vulnerability (09.09.2013)
 mbsdtest01_(at)_gmail.com, Struts2 Prefixed Parameters Open Redirect Vulnerability (09.09.2013)
 mbsdtest01_(at)_gmail.com, CakePHP AssetDispatcher Local File Inclusion Vulnerability (09.09.2013)
 MANDRIVA, [ MDVSA-2013:212 ] otrs (09.09.2013)
 MANDRIVA, [ MDVSA-2013:213 ] xymon (09.09.2013)
 High-Tech Bridge Security Research, Path Traversal in DeWeS Web Server (Twilight CMS) (09.09.2013)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Twilight CMS (09.09.2013)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in BackWPup WordPress Plugin (09.09.2013)
 PIVOTAL, CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework (09.09.2013)
 matias.fontanini_(at)_gmail.com, Joomla! VirtueMart component <= 2.0.22a - SQL Injection (09.09.2013)
 iedb.team_(at)_gmail.com, Wordpress videowhisper-live-streaming-integration Plugin Xss vulnerabilities (09.09.2013)
 DEBIAN, [SECURITY] [DSA 2740-1] python-django security update (09.09.2013)
 iedb.team_(at)_gmail.com, Wordpress post-gallery Plugin Xss vulnerabilities (09.09.2013)
 MANDRIVA, [ MDVSA-2013:220 ] lcms (09.09.2013)
 danielthomson72_(at)_gmail.com, Drupal Node View Permissions module and Flag module Vulnerabilities (09.09.2013)
 kerem.kocaer_(at)_gmail.com, CVE-2013-5216 CapaSystems Performance Guard Path Traversal Vulnerability (09.09.2013)
 DEBIAN, [SECURITY] [DSA 2747-1] cacti security update (09.09.2013)
 roguecoder_(at)_hush.com, IndiaNIC Testimonail WP plugin - Multiple vulnerabilities (09.09.2013)
 SEC Consult Vulnerability Lab, SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities (09.09.2013)
 autumn love, Sql Injection in "2easy Web Applications" (09.09.2013)
 X-Cisadane, VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability (09.09.2013)
 MustLive, XSS and FPD vulnerabilities in WPtouch and WPtouch Pro for WordPress (09.09.2013)
 MustLive, XSS and CS vulnerabilities in aCMS (09.09.2013)
 MustLive, SQL Injection vulnerability in Soltech.CMS (09.09.2013)
 MustLive, CS, XSS and FPD vulnerabilities in MCImageManager for TinyMCE (09.09.2013)
 MustLive, Vulnerabilities in Avaya IP Office Customer Call Reporter (09.09.2013)
 MustLive, CS and XSS vulnerabilities in GDD FLVPlayer (09.09.2013)
 MustLive, Vulnerabilities in multiple web applications with GDD FLVPlayer (09.09.2013)
 MustLive, Vulnerabilities in multiple plugins for WordPress with GDD FLVPlayer (09.09.2013)
 MustLive, XSS and CS vulnerability in Soltech.CMS (09.09.2013)
 MustLive, Insufficient Authorization vulnerability in Act (09.09.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod