Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:1 декабря 2010 г.
Источник:
SecurityVulns ID:11274
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:PHPMYADMIN : phpMyAdmin 3.3
 BTNET : BugTracker.NET 3.4
 ELXIS : Elxis CMS 2009.2
 DIGITALUS : Digitalus 1.10
 PANDORA : PandoraFMS 3,1
 WERNHART : Wernhart Guestbook 2001,03
 ORBISCMS : Orbis CMS 1.0
 FABRICAENGINE : Fabrica Engine 2.1
 BRAVENEWCODE : BraveNewCode 1.9
 DYNPG : DynPG 4.2
 ECLIME : Eclime 1.1
 LINKPROTECT : Link Protect 1.2
 APACHE : Archiva 1.3
 ALGUEST : Alguest 1.1
CVE:CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web script or HTML via a crafted request.)
 CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the argv[1] parameter.)
 CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php.)
 CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code by using a page parameter containing a UNC share pathname, which bypasses the check for the : (colon) character.)
 CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estado_agente action to index.php, related to operation/agentes/estado_agente.php.)
 CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which allows remote attackers to bypass authentication by sending a request to index.php with "admin" in the loginhash_user parameter, in conjunction with the md5 hash of "admin" in the loginhash_data parameter.)
 CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php.)
 CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of administrators for requests that modify credentials.)
 CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information.)
 CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information.)
Оригинальный текстdocumentAliaksandr Hartsuyeu, [eVuln.com] Multiple XSS in Alguest (01.12.2010)
 documentMANDRIVA, [ MDVSA-2010:244 ] phpmyadmin (01.12.2010)
 documentAPACHE, [CVE-2010-3449] Apache Archiva CSRF Vulnerability (01.12.2010)
 documentAlen Pagnien, Link Protect 1.2 XSS Vulnerabilities (01.12.2010)
 documentHigh-Tech Bridge Security Research, XSS in WPTouch wordpress plugin (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in Elxis CMS (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in Elxis CMS (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in DynPG (01.12.2010)
 documentHigh-Tech Bridge Security Research, Path disclosure in DynPG (01.12.2010)
 documentHigh-Tech Bridge Security Research, LFI in DynPG (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in Eclime (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in Enano CMS (01.12.2010)
 documentHigh-Tech Bridge Security Research, Path disclosure in Enano CMS (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in Eclime (01.12.2010)
 documentHigh-Tech Bridge Security Research, XSS in Eclime (01.12.2010)
 documentHigh-Tech Bridge Security Research, SQL Injection in Eclime (01.12.2010)
 documentMustLive, Уязвимости в Fabrica Engine (01.12.2010)
 documentAlen Pagnien, OsCSS Remote File Upload Exploit (01.12.2010)
 documentAlen Pagnien, OsCSS 1.2.2a Authentication Bypass (01.12.2010)
 documentAlen Pagnien, DibaCommerce Authentication Bypass (01.12.2010)
 documentMark Stanislav, 'Orbis CMS' Arbitrary Script Execution Vulnerability (CVE-2010-4313) (01.12.2010)
 documentAliaksandr Hartsuyeu, [eVuln.com] Multiple XSS inj in Wernhart Guestbook (01.12.2010)
 documentAliaksandr Hartsuyeu, [eVuln.com] Multiple SQL injections in Wernhart Guestbook (01.12.2010)
 documentJuan Galiana Lara, Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities (01.12.2010)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net (01.12.2010)
 documenteidelweiss_(at)_windowslive.com, Digitalus 1.10.0 Alpha2 Arbitrary File Upload vulnerability.txt (01.12.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород