Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 14.07.2015
Source:
SecurityVulns ID: 14590
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:
  MERETHIS : Centreon 2.5
  WORDPRESS : easy2map-photos 1.09
  SNORBY : Snorby 2.6
  ZENPHOTO : ZenPhoto 1.4
  WORDPRESS : wp-ecommerce-shop-styling 2.5
  WORDPRESS : easy2map 1.24
  DJANGO : django 1.7
  PHPLITEADMIN : phpLiteAdmin 1.1
  CYGNUS : sysPass 1.0
  AJAXCONTROLTOOLK : AjaxControlToolkit 15.0
CVE:
  CVE-2015-5144 (Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a (2) URL to the URLValidator, or unspecified vectors to the (3) validate_ipv4_address or (4) validate_slug validator.)
  CVE-2015-5143 (The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allow remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.)
  CVE-2015-4670 (Directory traversal vulnerability in the AjaxFileUpload control in DevExpress AJAX Control Toolkit (aka AjaxControlToolkit) before 15.1 allows remote attackers to write to arbitrary files via a .. (dot dot) in the fileId parameter to AjaxFileUploadHandler.axd.)
  CVE-2015-4617
  CVE-2015-4616 (Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.5 for WordPress allows remote attackers to create arbitrary files via a .. (dot dot) in the map_id parameter.)
  CVE-2015-4615
  CVE-2015-4614 (Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin before 1.2.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the mapName parameter in an e2m_img_save_map_name action to wp-admin/admin-ajax.php and other unspecified vectors.)
  CVE-2015-1561 (The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ns_id parameter.)
  CVE-2015-1560 (SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter to include/common/XmlTree/GetXmlTree.php.)
Original documents:
  Brian Cardinale, CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal (14.07.2015)
  disclosure_(at)_syss.de, [SYSS-2015-031] sysPass - SQL Injection (14.07.2015)
  apparitionsec_(at)_gmail.com, phpSQLiteCMS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS (14.07.2015)
  Tim, SQL Injection, Reflected XSS, Path Traversal, Function Execution in ZenPhoto 1.4.8 (14.07.2015)
  apparitionsec_(at)_gmail.com, phpLiteAdmin v1.1 CSRF & XSS Vulnerabilities (14.07.2015)
  Federico Fazzi, Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability (14.07.2015)
  Alessandro Zala, CVE-2015-3442 Authentication Bypass in Xpert.Line Version 3.0 (14.07.2015)
  larry0_(at)_me.com, SQL Injection in easy2map wordpress plugin v1.24 (14.07.2015)
  larry0_(at)_me.com, Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 (14.07.2015)
  larry0_(at)_me.com, SQL Injection in easy2map-photos wordpress plugin v1.09 (14.07.2015)
  hdau_(at)_deloitte.fr, Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution (14.07.2015)
  UBUNTU, [USN-2671-1] Django vulnerabilities (14.07.2015)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod