Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 09.12.2013
Source:
SecurityVulns ID: 13441
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:APACHE : mod_fcgid 2.3
 SPIP : spip 2.1
 APACHE : Struts 2.3
 BUGZILLA : Bugzilla 4.4
 WORDPRESS : WordPress 3.5
 OPENCART : OpenCart 1.5
 INSTANTSOFT : InstantCMS 1.10
 WORDPRESS : Wordpress 3.6
 ZIKULA : Zikula CMS 1.3
 PIVOTAL : Spring 3.2
 PIVOTAL : Spring 4.0
 JAMROOM : Jamroom 5.0
 CHAMILO : Chamilo LMS 1.9
 DOKEOS : Dokeos 2.2
 WORDPRESS : Tweet Blender 4.0
 APPRAIN : appRain 3.0
 MICROWEBER : Microweber 0.8
 HTMLPURIFIER : HTMLPurifier 4.5
 DRUPAL : Drupal 6.28
 DRUPAL : Drupal 7.23
 OPENXCHANGE : Open-Xchange 6.22
 MYBB : Ajaxfs 2.0
 EMC : Document Sciences xPression 4.1
 PHPNUKE : PHP-Nuke 8.2
 APACHE : Apache Commons FileUpload 1.2
 APACHE : Apache XML Security for Java 1.4
 PYDIO : Pydio 5.0
 WORDPRESS : Gallery Bank 2.0
 WORDPRESS : jigoshop 1.8
 PROJECTORRIA : Project'Or RIA 3.4
 HORDE : Horde Groupware Webmail Edition 5.1
 PDIRL : pdirl 1.0
 GTXCMS : GTX CMS 2013
 OLAT : Olat CMS 7.8
 ROUNDCUBE : roundcube 0.8
 VBULLETIN : vBulletin 5.0
 NAGIOS : Nagios Looking Glass 1.1
 ILIAS : ILIAS eLearning 4.4
 OPSVIEW : Opsview 4.4
 ONPUB : Onpub CMS 1.5
 LIVEZILLA : LiveZilla 5.1
 OPENSIS : openSIS 5.2
 ELITEGRAPHICS : ElitCMS 1.01
CVE:CVE-2013-7002 (Cross-site scripting (XSS) vulnerability in mobile/php/translation/index.php in LiveZilla before 5.1.1.0 allows remote attackers to inject arbitrary web script or HTML via the g_language parameter.)
 CVE-2013-6804 (Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results/all/1/4.)
 CVE-2013-6787 (SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "password0" parameter.)
 CVE-2013-6389 (Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2013-6388 (Cross-site scripting (XSS) vulnerability in the Color module in Drupal 7.x before 7.24 allows remote attackers to inject arbitrary web script or HTML via vectors related to CSS.)
 CVE-2013-6387 (Cross-site scripting (XSS) vulnerability in the Image module in Drupal 7.x before 7.24 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the description field.)
 CVE-2013-6386 (Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack.)
 CVE-2013-6385 (The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used with unspecified third-party modules, performs form validation even when CSRF validation has failed, which might allow remote attackers to trigger application-specific impacts such as arbitrary code execution via application-specific vectors.)
 CVE-2013-6365
 CVE-2013-6364
 CVE-2013-6342 (Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.)
 CVE-2013-6341 (SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php.)
 CVE-2013-6275
 CVE-2013-6267 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.11.9 allow remote attackers to inject arbitrary web script or HTML via the (1) box parameter to messaging/messagebox.php, cidToEdit parameter to (2) adminregisteruser.php or (3) admin_user_course_settings.php in admin/, (4) module_id parameter to admin/module/module.php, or (5) offset parameter to admin/right/profile_list.php.)
 CVE-2013-6242
 CVE-2013-6227 (Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation.)
 CVE-2013-6226 (Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files via unspecified vectors.)
 CVE-2013-6177 (Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary files by leveraging xDashboard access.)
 CVE-2013-6176 (Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute arbitrary SQL commands via unspecified input to a (1) xAdmin or (2) xDashboard form.)
 CVE-2013-6175 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject arbitrary web script or HTML via unspecified input to a (1) xAdmin or (2) xDashboard form.)
 CVE-2013-6174 (Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.)
 CVE-2013-6173 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to hijack the authentication of administrators for requests that perform administrative actions in (1) xAdmin or (2) xDashboard.)
 CVE-2013-6168 (Cross-site scripting (XSS) vulnerability in Zikula Application Framework before 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the returnpage parameter to index.php.)
 CVE-2013-6164 (SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote attackers to execute arbitrary SQL commands via the objectId parameter.)
 CVE-2013-6163 (Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr (formerly Project'Or RIA) before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to view/parameter.php, (2) p1value parameter to view/main.php, or (3) objectClass parameter to view/objectDetail.php.)
 CVE-2013-6058 (SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.)
 CVE-2013-5984 (Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. (dot dot) in the file parameter.)
 CVE-2013-5695 (Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/auditlog/, (2) PATH_INFO to info/host/ or (3) viewport/, (4) back parameter to login, or (5) "from" parameter to status/service/recheck.)
 CVE-2013-5694 (SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the service_selection parameter.)
 CVE-2013-4365 (Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.)
 CVE-2013-2186 (The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal 4.3 CP07, 5.2.2 and 6.0.0, and Red Hat JBoss Web Server 1.0.2, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.)
 CVE-2013-2172 (jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature.")
 CVE-2013-1743 (Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the (1) summary or (2) real name field. NOTE: this issue exists because of an incomplete fix for CVE-2012-4189.)
 CVE-2013-1742 (Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) sortkey parameter.)
 CVE-2013-1734 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.)
 CVE-2013-1733 (Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.)
 CVE-2013-1349 (Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.)
 CVE-2013-0316 (The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests.)
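Several entries above belong to one family: a client-controlled file name reaches the filesystem with a `..` component (CVE-2013-5984, CVE-2013-6226, CVE-2013-6177) or with an embedded NUL byte that truncates the name once it hits a C-level open() (CVE-2013-2186). The check below is an added example written for this summary, not code from any of the listed projects; it is in Python rather than PHP or Java so it runs stand-alone, and the base directory `/srv/app/uploads` and the sample file names are constructed for illustration.

```python
import os
import posixpath
from urllib.parse import unquote


class UnsafeFilename(ValueError):
    """Raised when a client-supplied path must not be used on the filesystem."""


def safe_join(base_dir: str, user_path: str) -> str:
    """Return the absolute path of user_path inside base_dir, or raise.

    Rejects, in order: embedded NUL bytes (which truncate the name once it
    reaches a C-level open()), absolute paths, any '..' component, and any
    result that still resolves outside base_dir after symlink resolution.
    """
    # Decode once so %00 and %2e%2e are judged as the bytes they become
    # downstream. Callers whose framework already decoded the value skip this.
    decoded = unquote(user_path)

    if "\x00" in decoded:
        raise UnsafeFilename("NUL byte in file name")
    if not decoded.strip():
        raise UnsafeFilename("empty file name")

    # Treat backslashes as separators too: PHP on Windows and many Java
    # stacks accept both, so '..\\' is as dangerous as '../'.
    candidate = decoded.replace("\\", "/")
    if candidate.startswith("/"):
        raise UnsafeFilename("absolute path supplied")

    # Judge the components the client actually sent, before normalisation:
    # there is no legitimate reason for an upload name to contain '..'.
    if any(part == ".." for part in candidate.split("/")):
        raise UnsafeFilename("parent-directory component in file name")

    # Defence in depth: resolve and confirm containment, which also catches
    # a symlinked base directory or a stray '.' that points at base itself.
    normalised = posixpath.normpath(candidate)
    base = os.path.realpath(base_dir)
    resolved = os.path.realpath(os.path.join(base, normalised))
    if resolved == base or os.path.commonpath([base, resolved]) != base:
        raise UnsafeFilename("path escapes the upload directory")
    return resolved


def is_safe(base_dir: str, user_path: str) -> bool:
    """Boolean wrapper around safe_join for filtering and tests."""
    try:
        safe_join(base_dir, user_path)
        return True
    except UnsafeFilename:
        return False


# Constructed sample inputs; none is taken from an advisory on this page.
SAMPLES = [
    "images/cat.png",            # legitimate relative name
    "../../etc/passwd",          # plain traversal
    "..\\..\\web.config",        # Windows-style separators
    "%2e%2e/%2e%2e/etc/passwd",  # URL-encoded traversal
    "shell.jsp\x00.png",         # NUL truncation: opens as shell.jsp
    "safe.txt%00../../x.php",    # encoded NUL followed by traversal
    "/etc/passwd",               # absolute path
]


def classify(base_dir: str = "/srv/app/uploads") -> dict:
    """Map each sample name to whether the check would accept it."""
    return {name: is_safe(base_dir, name) for name in SAMPLES}


if __name__ == "__main__":
    for name, ok in classify().items():
        print(f"{'ALLOW' if ok else 'REJECT':6} {name!r}")
```

The order of the checks matters: the NUL test runs on the decoded string, so `%00` is caught as well as a literal byte, and the `..` test runs on the raw components rather than on the normalised path, so a name such as `a/../b` is refused even though it would normalise to something harmless.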
Original documents:
 Vulnerability Lab, Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities (09.12.2013)
 Bogdan Calin, Critical vulnerabilities discovered in Gazelle and TBDEV.net (09.12.2013)
 Egidio Romano, [KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability (09.12.2013)
 alireza hassani, Opencart Multiple Vulnerabilities (09.12.2013)
 zoczus_(at)_gmail.com, LiveZilla 5.1.0.0 Reflected XSS in translations (09.12.2013)
 APACHE, [ANN] Struts 2.3.15.3 GA release available - security fix (09.12.2013)
 Vulnerability Lab, Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities (09.12.2013)
 J. Oquendo, CVE-2013-5694 Blind SQL Injection in Ops View (09.12.2013)
 J. Oquendo, CVE-2013-5695 Multiple Cross Site Scripting (XSS) Attacks in Ops View (09.12.2013)
 Vulnerability Lab, ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability (09.12.2013)
 noreply_(at)_ptsecurity.ru, [PT-2013-46] Local File Include in Nagios Looking Glass (09.12.2013)
 simo_(at)_morxploit.com, vBulletin remote admin injection exploit (09.12.2013)
 m.benetrix_(at)_e-secure.com.au, Multiple CSRF Horde Groupware Web mail Edition 5.1.2 (09.12.2013)
 MANDRIVA, [ MDVSA-2013:263 ] roundcubemail (09.12.2013)
 Vulnerability Lab, GTX CMS 2013 Optima - Multiple Web Vulnerabilities, http://www.vulnerability-lab.com/get_content.php?id=1124 (09.12.2013)
 Vulnerability Lab, Olat CMS 7.8.0.1 - Persistent Calendar Web Vulnerability (09.12.2013)
 Vulnerability Lab, pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities (09.12.2013)
 m.benetrix_(at)_e-secure.com.au, CSRF Horde Groupware Web mail Edition (09.12.2013)
 m.benetrix_(at)_e-secure.com.au, XSS and CSRF Horde Groupware Web mail Edition (09.12.2013)
 ISecAuditors Security Advisories, [ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allows arbitrary access to the database and the file system (09.12.2013)
 ISecAuditors Security Advisories, [ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" (09.12.2013)
 iedb.team_(at)_gmail.com, wordpress jigoshop Plugin path disclosure vulnerabilities (09.12.2013)
 advisories_(at)_enkomio.com, [SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting (09.12.2013)
 advisories_(at)_redfsec.com, Vulnerability in Pydio/AjaXplorer <= 5.0.3 (09.12.2013)
 advisories_(at)_redfsec.com, Vulnerability in Pydio/AjaXplorer <= 5.0.3 (09.12.2013)
 DEBIAN, [SECURITY] [DSA 2794-1] spip security update (09.12.2013)
 MANDRIVA, [ MDVSA-2013:256 ] apache-mod_fcgid (09.12.2013)
 UBUNTU, [USN-2028-1] Apache XML Security for Java vulnerability (09.12.2013)
 UBUNTU, [USN-2029-1] Apache Commons FileUpload vulnerability (09.12.2013)
 MustLive, Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 (09.12.2013)
 advisories_(at)_enkomio.com, [SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities (09.12.2013)
 EMC, ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities (09.12.2013)
 iedb.team_(at)_gmail.com, Mybb Ajaxfs Plugin Sql Injection vulnerability (09.12.2013)
 OPENXCHANGE, Open-Xchange Security Advisory 2013-11-25 (09.12.2013)
 MANDRIVA, [ MDVSA-2013:285 ] bugzilla (09.12.2013)
 MANDRIVA, [ MDVSA-2013:287 ] drupal (09.12.2013)
 Vulnerability Lab, NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability (09.12.2013)
 noreply_(at)_ptsecurity.com, [PT-2013-63] Hash Length Extension in HTMLPurifier (09.12.2013)
 High-Tech Bridge Security Research, Remote Code Execution in Microweber (09.12.2013)
 High-Tech Bridge Security Research, SQL Injection in appRain (09.12.2013)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Zikula Application Framework (09.12.2013)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin (09.12.2013)
 High-Tech Bridge Security Research, Multiple Cross-Site Scripting (XSS) in Claroline (09.12.2013)
 High-Tech Bridge Security Research, SQL Injection in Dokeos (09.12.2013)
 High-Tech Bridge Security Research, SQL Injection in Chamilo LMS (09.12.2013)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Jamroom (09.12.2013)
 MustLive, XXE Injection in Spring Framework (09.12.2013)
 MustLive, XSS and FPD vulnerabilities in LBG Zoom In/Out Effect Slider for WordPress (09.12.2013)
 MustLive, BF, LE and IAA vulnerabilities in InstantCMS (09.12.2013)
 MustLive, Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 (09.12.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod