Information Security


Summary of security vulnerabilities in Web applications (PHP, ASP, JSP, CGI, Perl)
Published: 19 March 2012
Source:
SecurityVulns ID: 12275
Type: remote
Severity: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information disclosure, etc.
Affected products: MOODLE : moodle 1.9
 WEBGLIMPSE : Webglimpse 2.18
 BUGZILLA : Bugzilla 4.2
 OSCLASS : OSClass 2.3
 11IN1 : 11in1 1.2
 WIKIDFORUM : Wikidforum 2.10
 WIKYBLOG : WikyBlog 1.7
 SYNOLOGY : Photo Station 5
 ICINITI : Iciniti Store 4.3
 SAP : SAP Business Objects XI R2
 ILIENT : SysAid 8.5
 BARRACUDANETWORK : Barracuda Web Application Firewall 660
 RIVETCODE : rivettracker 1.03
 FORKCMS : Fork CMS 3.2
 OPENREALTY : Open-Realty CMS 2.5
 ETANO : Etano 1.22
 TSHEETX : Timesheet Next Gen 1.5
 SYMFONY2 : Symfony2 2.0
 IMGPALS : ImgPals Photo Host 1.0
 OSQA : OSQA CMS 3b
 WOLFCMS : Wolf CMS 0.7
 KONGREG8 : Kongreg8 1.7
 MOVABLETYPE : Movable Type 5.13
 PHPGIFTREG : PHP Gift Registry 1.5
 YVS : YVS Image Gallery 0.0
 PHPSEARCHENG : Mobile Mp3 Search Engine 2.0
 CHYRP : Chyrp 2.5
 ELEFANTCMS : Elefant CMS 1.1
 EJBCA : Enterprise Java Beans Certificate Authority 4.0
 PHPMYVISITES : phpMyVisites 2.4
 SPAMBOTSECURITY : ZB BLOCK 0.4
 AURORA : Aurora WebOPAC 3.5
CVE: CVE-2012-1296 (Multiple cross-site scripting (XSS) vulnerabilities in apps/admin/handlers/preview.php in Elefant CMS 1.0.x before 1.0.2-Beta and 1.1.x before 1.1.5-Beta allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body parameter to admin/preview.)
 CVE-2012-1295
 CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.)
 CVE-2012-1188 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en/error or (3) name parameter to private/en/locale/index.)
 CVE-2012-1001
 CVE-2012-0869 (Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.)
 CVE-2012-0796 (class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.)
 CVE-2012-0795 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address.)
 CVE-2012-0794 (The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution.)
 CVE-2012-0793 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.)
 CVE-2012-0792 (mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.)
 CVE-2011-4588 (The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect data type, which allows remote attackers to bypass intended IP address restrictions via an XMLRPC request.)
 CVE-2011-4587 (lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attackers to obtain access by leveraging the possible existence of user accounts that have unchangeable blank passwords.)
 CVE-2011-4586 (CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.)
 CVE-2011-4585 (login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password form even if the httpslogin option is enabled, which allows remote attackers to obtain credentials by sniffing the network.)
 CVE-2011-4584 (The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Mahara site.)
 CVE-2011-4308 (mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.)
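The hardcoded-key issue in CVE-2012-0794 is worth seeing in code. What follows is an added example, not Moodle's lib/moodlelib.php: a plain RC4 reimplementation (key scheduling plus keystream generation) driven by the key string the CVE names, showing that anything "protected" this way can be decrypted by whoever has read the public source. The function names, the hex output framing and the sample token are assumptions of this example.

```python
"""Illustration of CVE-2012-0794: RC4 driven by a key that ships in the source.

Added example, not Moodle code. RC4 itself is reimplemented here; the key
is the literal quoted in the CVE text. Function names and hex framing are
assumptions for the demonstration.
"""


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: the same call encrypts and decrypts (keystream XOR)."""
    # Key-scheduling algorithm (KSA)
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm (PRGA)
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


# The key string named in CVE-2012-0794. Because it is a literal in
# open-source code, it is public knowledge, not a secret.
HARDCODED_KEY = b"nfgjeingjk"


def rc4encrypt_hardcoded(plaintext: str) -> str:
    """Models the weak pattern: a fixed key baked into the function.
    Hex output is an assumption of this example."""
    return rc4(HARDCODED_KEY, plaintext.encode()).hex()


def recover_without_secret(ciphertext_hex: str) -> str:
    """An attacker needs nothing but the source code to reverse it:
    no password, no session, no key material from the target site."""
    return rc4(HARDCODED_KEY, bytes.fromhex(ciphertext_hex)).decode()


if __name__ == "__main__":
    token = rc4encrypt_hardcoded("user=admin;role=manager")  # constructed token
    print("ciphertext:", token)
    print("recovered :", recover_without_secret(token))
```

The fix is not a different hardcoded string: the key has to come from per-installation configuration, and RC4 (unauthenticated, with known keystream biases) should give way to an authenticated cipher.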
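CVE-2011-4586 (HTTP response splitting in calendar/set.php), CVE-2012-0796 (e-mail header injection through From:/Sender:) and the Mobile Mp3 Search Engine HTTP Response Splitting advisory listed further down are one bug class: a CR LF pair inside an attacker-controlled value ends the current header and starts a new one. The example below is added here and is not code from Moodle, PHPMailer or any of the advisories; the attacker values are constructed for the demonstration and the response/header layout is an assumption.

```python
"""Added example of CRLF injection into HTTP and e-mail headers, and the
check that stops it (not code from Moodle, PHPMailer or the advisories)."""

CRLF = "\r\n"


def naive_redirect(location: str) -> bytes:
    """Vulnerable pattern: the request parameter is copied straight into
    the Location header, so CR LF inside it becomes header/body structure."""
    return (
        "HTTP/1.1 302 Found" + CRLF
        + "Location: " + location + CRLF
        + "Content-Length: 0" + CRLF
        + CRLF
    ).encode("latin-1")


def parse_http_response(raw: bytes):
    """Minimal parse of a raw response into (status line, headers, body),
    the way a lenient client or intermediate cache would read it."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split(CRLF)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def header_value(value: str) -> str:
    """Strict gate: a header value may not contain CR, LF or NUL. Each is
    checked on its own because some parsers accept a bare LF as a line end."""
    if any(ch in value for ch in "\r\n\0"):
        raise ValueError("CR/LF/NUL not allowed in header value")
    return value


def rejects(value: str) -> bool:
    """True if header_value() would refuse this value."""
    try:
        header_value(value)
    except ValueError:
        return True
    return False


def strict_redirect(location: str) -> bytes:
    """Same response, but the value passes through header_value() first."""
    return (
        "HTTP/1.1 302 Found" + CRLF
        + "Location: " + header_value(location) + CRLF
        + "Content-Length: 0" + CRLF
        + CRLF
    ).encode("latin-1")


def mail_headers(from_addr: str, to_addr: str, subject: str) -> str:
    """E-mail side of the same class (the CVE-2012-0796 pattern): without
    the gate, a crafted From: value appends Bcc:/To: lines of its own."""
    fields = (("From", from_addr), ("To", to_addr), ("Subject", subject))
    return "".join(f"{name}: {header_value(value)}{CRLF}" for name, value in fields)


# Constructed attacker values. The HTTP one closes the Location header,
# plants a cookie, ends the header block and supplies its own body.
PAYLOAD = "/home\r\nSet-Cookie: session=attacker\r\n\r\n<html>phished</html>"
MAIL_PAYLOAD = "alice@example.com\r\nBcc: everyone@example.com"


if __name__ == "__main__":
    status, headers, body = parse_http_response(naive_redirect(PAYLOAD))
    print(status, headers, body[:20])
    print("strict gate rejects payload:", rejects(PAYLOAD))
```

Run stand-alone it prints the injected Set-Cookie header and the attacker's body as parsed from the naive response, then shows the strict variant refusing the same value. Most modern runtimes (PHP's header() since 5.1.2, Python's http.client) apply an equivalent check themselves; the gap in the listed products is code that assembled headers or mail by string concatenation outside those paths.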
Original text: lists_(at)_senseofsecurity.com, Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004 (19.03.2012)
 MustLive, Brute Force and XSS vulnerabilities in Webglimpse (19.03.2012)
 chin4b0y, Vulnerability Description: XSS-(CROSS SITE SCRIPTING VULNERABILITIES) (ZAPHOD BREEBLEBROX'S BLOCKER A.K.A. ZB BLOCK) (19.03.2012)
 chin4b0y, phpMyVisites 2.4_XSS (19.03.2012)
 MustLive, Multiple vulnerabilities in EJBCA (19.03.2012)
 High-Tech Bridge Security Research, Multiple vulnerabilities in Elefant CMS (19.03.2012)
 High-Tech Bridge Security Research, Multiple XSS in Chyrp (19.03.2012)
 DEBIAN, [SECURITY] [DSA 2414-1] fex security update (19.03.2012)
 CorryL, Mobile Mp3 Search Engine HTTP Response Splitting (19.03.2012)
 CorryL, YVS Image Gallery Sql injection (19.03.2012)
 LpSolit_(at)_gmail.com, Security advisory for Bugzilla 4.2 and 4.0.5 (19.03.2012)
 demonalex_(at)_163.com, CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability (19.03.2012)
 Thomas Richards, PHP Gift Registry 1.5.5 SQL Injection (19.03.2012)
 Thomas Richards, Kongreg8 1.7.3 Multiple XSS (19.03.2012)
 mkey_(at)_freemail.hu, FrameJammer DOM based XSS (19.03.2012)
 henri_(at)_nerv.fi, Case YVS Image Gallery (19.03.2012)
 Vulnerability Lab, OSQA CMS v3b - Multiple Persistent Vulnerabilities (19.03.2012)
 Vulnerability Lab, Wolf CMS v0.7.5 - Multiple Web Vulnerabilities (19.03.2012)
 CorryL, ImgPals Photo Host Version 1.0 Admin Account Disactivation (19.03.2012)
 DEBIAN, [SECURITY] [DSA 2421-1] moodle security update (19.03.2012)
 DEBIAN, [SECURITY] [DSA 2423-1] movabletype-opensource security update (19.03.2012)
 demonalex_(at)_163.com, Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability (19.03.2012)
 lists_(at)_senseofsecurity.com, Symfony2 Local File Disclosure - Security Advisory - SOS-12-002 (19.03.2012)
 Thomas Richards, Timesheet Next Gen 1.5.2 Multiple SQLi (19.03.2012)
 YGN Ethical Hacker Group, Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability (19.03.2012)
 YGN Ethical Hacker Group, Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities (19.03.2012)
 [email protected], 11in1 CMS v1.2.1 - SQL Injection Vulnerabilities (19.03.2012)
 High-Tech Bridge Security Research, Multiple XSS in Fork CMS (19.03.2012)
 ali.raheem_(at)_gmail.com, Multiple SQL injections in rivettracker <=1.03 (19.03.2012)
 Filippo Cavallarin, OSClass directory traversal (leads to arbitrary file upload) (19.03.2012)
 Vulnerability Lab, Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities (19.03.2012)
 vulns_(at)_dionach.com, SAP Business Objects XI R2 Infoview Multiple XSS (19.03.2012)
 lists_(at)_senseofsecurity.com, Iciniti Store SQL Injection - Security Advisory - SOS-12-003 (19.03.2012)
 simon.ganiere_(at)_gmail.com, Synology Photo Station 5 - Reflected Cross-Site Scripting (19.03.2012)
 sschurtz_(at)_darksecurity.de, Wikidforum 2.10 Multiple security vulnerabilities (19.03.2012)
 sschurtz_(at)_darksecurity.de, WikyBlog 1.7.3RC2 XSS vulnerability (19.03.2012)
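The OSClass directory traversal (leading to arbitrary file upload), the Open-Realty CMS "select_users_template" local file inclusion and the Symfony2 local file disclosure in the list above all come down to a user-supplied path fragment reaching the filesystem without a containment check. The following is an added example and not code from any of those products; the directory names, the parameter handling and the template allow-list are assumptions of this example.

```python
"""Added example of a path-containment check for user-supplied file and
template names (not code from OSClass, Open-Realty CMS or Symfony2)."""
import posixpath

UPLOAD_ROOT = "/var/www/app/uploads"        # assumed upload directory
TEMPLATE_ROOT = "/var/www/app/templates"    # assumed template directory
ALLOWED_TEMPLATES = {"default", "compact"}  # assumed allow-list


def safe_join(base: str, user_path: str) -> str:
    """Join user_path onto base and return the result only if it stays
    strictly inside base. Rejects NUL bytes (the old PHP truncation trick),
    absolute paths, backslash separators and any '..' that climbs out."""
    if "\0" in user_path:
        raise ValueError("NUL byte in path")
    candidate = user_path.replace("\\", "/")
    if candidate.startswith("/"):
        raise ValueError("absolute path not allowed")
    base_norm = posixpath.normpath(base)
    joined = posixpath.normpath(posixpath.join(base_norm, candidate))
    # The trailing slash matters: without it "/uploads_evil/x" would pass
    # a plain prefix test against "/uploads".
    if not joined.startswith(base_norm + "/"):
        raise ValueError("path escapes base directory")
    return joined


def is_contained(base: str, user_path: str) -> bool:
    """Boolean wrapper around safe_join() for callers that just want a verdict."""
    try:
        safe_join(base, user_path)
    except ValueError:
        return False
    return True


def template_path(name: str) -> str:
    """For an include/require target an allow-list is simpler and stronger
    than path arithmetic: the parameter never becomes a path at all."""
    if name not in ALLOWED_TEMPLATES:
        raise ValueError("unknown template")
    return posixpath.join(TEMPLATE_ROOT, name + ".php")


if __name__ == "__main__":
    for p in ("photos/2012/cat.jpg", "../../../../etc/passwd", "..\\..\\shell.php"):
        print(repr(p), "->", is_contained(UPLOAD_ROOT, p))
```

safe_join() is purely lexical (posixpath.normpath), which keeps the check deterministic and testable offline; if symlinks can exist under the base directory, resolve the existing tree with os.path.realpath and repeat the prefix comparison on the result. The check assumes the web layer has already URL-decoded the parameter exactly once.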
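Most of the SQL injection entries above (the guestbook view.asp/edit.asp scripts, PHP Gift Registry, Timesheet Next Gen, rivettracker, 11in1) are the numeric-parameter variant, where no quote character is needed and addslashes-style escaping changes nothing. The example below is added here and is not taken from any of the advisories: it runs the concatenated and the bound form of the same query against a constructed SQLite database so the difference is observable, including a UNION payload that pulls a table the page was never meant to read.

```python
"""Added example: numeric-parameter SQL injection, concatenated vs bound
(not code from any listed product; schema and data are constructed)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample schema: a guestbook with one unapproved entry and
    a users table the guestbook page is never meant to touch."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE guestbook (id INTEGER PRIMARY KEY, author TEXT,
                                message TEXT, approved INTEGER);
        INSERT INTO guestbook VALUES (1, 'alice', 'hello', 1),
                                     (2, 'bob', 'unpublished draft', 0),
                                     (3, 'carol', 'hi', 1);
        CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT, pwhash TEXT);
        INSERT INTO users VALUES (1, 'admin', 'hash-of-admin-password'),
                                 (2, 'guest', 'hash-of-guest-password');
        """
    )
    return conn


def view_entry_vulnerable(conn: sqlite3.Connection, entry_id: str) -> list:
    """The view.asp / edit.asp shape: 'id' from the query string is pasted
    into the statement. No quote is needed to break out of a number."""
    sql = ("SELECT id, author, message FROM guestbook "
           "WHERE approved = 1 AND id = " + entry_id)
    return conn.execute(sql).fetchall()


def view_entry_safe(conn: sqlite3.Connection, entry_id: str) -> list:
    """Bound parameter: the value reaches the engine as data, so '1 OR 1=1'
    is compared as one text value against the id column and matches nothing."""
    sql = "SELECT id, author, message FROM guestbook WHERE approved = 1 AND id = ?"
    return conn.execute(sql, (entry_id,)).fetchall()


# Constructed payloads
BYPASS = "1 OR 1=1"                                    # AND binds tighter than OR
EXFIL = "0 UNION SELECT id, login, pwhash FROM users"  # reads another table


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, bypass :", view_entry_vulnerable(db, BYPASS))
    print("vulnerable, exfil  :", view_entry_vulnerable(db, EXFIL))
    print("bound,      bypass :", view_entry_safe(db, BYPASS))
    print("bound,      id=1   :", view_entry_safe(db, "1"))
```

Binding alone closes the hole; casting the parameter to an integer at the edge (and rejecting anything that does not parse) is cheap additional hygiene and gives a clean 4xx instead of an empty result.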

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod