Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.01.2015
Source:
SecurityVulns ID:14189
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : Cforms 14.7
 MANTIS : mantis 1.2
 OSCLASS : OsClass 3.4
 SYMANTEC : Symantec Web Gateway 5.2
CVE:CVE-2014-8085 (Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass before 3.4.3 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.)
 CVE-2014-8084 (Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass before 3.4.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.)
 CVE-2014-8083 (SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote attackers to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.)
 CVE-2014-7862
 CVE-2014-7285 (The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.)
 CVE-2014-7146 (The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.)
Original documentdocumentz.fedotkin_(at)_infosec.ru, Remote Code Execution via Unauthorised File upload in Cforms 14.7 (02.01.2015)
 documentPedro Ribeiro, [The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central (02.01.2015)
 documentEgidio Romano, [KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability (02.01.2015)
 documentEgidio Romano, [KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability (02.01.2015)
 documentEgidio Romano, [KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability (02.01.2015)
 documentEgidio Romano, [KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability (02.01.2015)
 documentEgidio Romano, [KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability (02.01.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod