Computer Security

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID: 13566
Threat Level:
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: MANTIS : MantisBT 1.2
 LEDGERSMB : LedgerSMB 1.3
 DOORGETS : doorGets 5.2
 AURACMS : AuraCMS 2.3
 HORDE : Horde 3.8
 WHCMS : Whmcs 5.12
 GPEASY : gpEasy 4.3
 PROJOOM : NovaSFH 3.0
 ATMAIL : Atmail 7.0
 PUBLISHIT : Publish-It 3.6
CVE: CVE-2014-1691 (The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.)
 CVE-2014-1609 (Multiple SQL injection vulnerabilities in MantisBT before 1.2.16 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to the (1) mc_project_get_attachments function in api/soap/mc_project_api.php; the (2) news_get_limited_rows function in core/news_api.php; the (3) summary_print_by_enum, (4) summary_print_by_age, (5) summary_print_by_developer, (6) summary_print_by_reporter, or (7) summary_print_by_category function in core/summary_api.php; the (8) create_bug_enum_summary or (9) enum_bug_group function in plugins/MantisGraph/core/graph_api.php; (10) bug_graph_bycategory.php or (11) bug_graph_bystatus.php in plugins/MantisGraph/pages/; or (12) proj_doc_page.php, related to use of the db_query function, a different vulnerability than CVE-2014-1608.)
 CVE-2014-1608 (SQL injection vulnerability in the mci_file_get function in api/soap/mc_file_api.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a mc_issue_attachment_get SOAP request.)
 CVE-2014-1459 (SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.)
 CVE-2014-1401 (Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php.)
 CVE-2014-0980 (Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file.)
Original documents:
 Chris Travers, Security advisory, LedgerSMB 1.3.0-1.3.36 (11.02.2014)
 CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2014-0001 - Publish-It Buffer Overflow Vulnerability (11.02.2014)
 ISecAuditors Security Advisories, [ISecAuditors Security Advisories] Multiple reflected XSS vulnerabilities in Atmail WebMail (11.02.2014)
 advisories_(at), CVE-2014-1214 - Remote Code Execution in Projoom NovaSFH Plugin (11.02.2014)
 jakx.ppr_(at), AlienVault OSSIM SQL Injection vulnerability (11.02.2014)
 Vulnerability Lab, gpEasy v4.3.x CMS - Multiple Web Vulnerabilities (11.02.2014)
 iedb.team_(at), WHMCS Denial of Service Vulnerability (11.02.2014)
 Andrea Barisani, [oCERT-2014-001] MantisBT input sanitization errors (11.02.2014)
 DEBIAN, [SECURITY] [DSA 2853-1] horde3 security update (11.02.2014)
 High-Tech Bridge Security Research, SQL Injection in doorGets CMS (11.02.2014)
 High-Tech Bridge Security Research, Multiple SQL Injection Vulnerabilities in AuraCMS (11.02.2014)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod