Summary of security vulnerabilities in web applications (PHP, ASP, JSP, CGI, Perl)
Published: 10 January 2013
Source:
SecurityVulns ID: 12819
Type: remote
Severity: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products:
 TOMATOCART : TomatoCart 1.1
 OPENSOLUTION : Quick.Cms 5.0
 OPENSOLUTION : Quick.Cart 6.0
 RAILS : Ruby on Rails 3.0
 RUBY : Ruby on Rails 3.1
 RUBY : Ruby on Rails 3.2
 WEECHAT : WeeChat 0.3
 ZEND : Zend 1.11
CVE:
 CVE-2012-6497 (The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known secret_token value, as demonstrated by a value contained in secret_token.rb in an open-source product.)
 CVE-2012-6496 (SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.)
 CVE-2012-6430 (Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.)
 CVE-2012-5664 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6496, CVE-2012-6497. Reason: this candidate was intended for one issue, but the candidate was publicly used to label concerns about multiple products. Notes: All CVE users should consult CVE-2012-6496 and CVE-2012-6497 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2012-5657 (The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack.)
 CVE-2012-5534 (The hook_process function in the plugin API for WeeChat 0.3.0 through 0.3.9.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a command from a plugin, related to "shell expansion.")
 CVE-2011-1428 (Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect use of the GnuTLS API.)
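The Rails entries above (CVE-2012-6496 and, through Authlogic, CVE-2012-6497) hinge on one detail of dynamic finders: a value that arrives as a Hash instead of a scalar is picked up as the finder's options hash, so the request controls the generated SQL. The following is an added illustration written for this page, not Rails or Authlogic code. UserFinder is a hypothetical, self-contained model that only builds the SQL text and never touches a database; the "vulnerable" shape mirrors the described behaviour, and the "hardened" shape is one reasonable fix (only treat a Hash as options when it is an extra argument, and insist that the attribute value is a scalar), not the upstream patch itself. In the Authlogic case the same finder is reached with a value unpacked from a signed persistence cookie, which is why a known secret_token matters.

```ruby
# Minimal model of an Active Record style dynamic finder, written for this page
# to show the CVE-2012-6496 mechanism. It is NOT Rails code; it only builds the
# SQL string and nothing is executed against a database.
class UserFinder
  TABLE = "users"

  # Vulnerable shape (behaviour described in the advisory, modelled here):
  # a trailing Hash is always taken as the options hash, even when it is the
  # only argument. Rack/Rails parse "?id[select]=..." into
  # params[:id] == {"select" => "..."}, so find_by_id(params[:id]) hands the
  # attacker the options hash and the attribute value becomes nil.
  def self.find_by_id_vulnerable(*args)
    options = args.last.is_a?(Hash) ? args.pop : {}
    build_sql("id", args.first, options)
  end

  # Hardened shape (a modelled fix, not the upstream patch): a Hash counts as
  # options only when it is an extra argument beyond the single attribute
  # value, and the value itself must be a scalar.
  def self.find_by_id_hardened(*args)
    options = (args.size > 1 && args.last.is_a?(Hash)) ? args.pop : {}
    value = args.first
    unless value.is_a?(String) || value.is_a?(Integer)
      raise ArgumentError, "find_by_id expects a scalar, got #{value.class}"
    end
    build_sql("id", value, options)
  end

  # Builds the statement; the :select option is the knob the crafted request
  # reaches in the vulnerable shape.
  def self.build_sql(column, value, options)
    select = options[:select] || options["select"] || "*"
    "SELECT #{select} FROM #{TABLE} WHERE #{column} = #{quote(value)} LIMIT 1"
  end

  # Literal quoting for the scalar value; nil renders as NULL so the effect of
  # the swallowed attribute value is visible in the output.
  def self.quote(value)
    case value
    when nil     then "NULL"
    when Integer then value.to_s
    else "'#{value.to_s.gsub("'", "''")}'"
    end
  end
end

if $PROGRAM_NAME == __FILE__
  # Constructed inputs: a normal request, then a crafted "?id[select]=..." one.
  puts UserFinder.find_by_id_vulnerable("42")
  puts UserFinder.find_by_id_vulnerable({"select" => "password"})
  puts UserFinder.find_by_id_hardened("42")
end
```

The practical check for an application on an affected version is to look for find_by_* calls whose argument comes straight from params or from a cookie, and either upgrade to the fixed Rails release listed above or coerce the value (for example with to_s or Integer()) before it reaches the finder.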
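CVE-2011-1428 is a reminder that a chain that validates but never compares the certificate's name to the host being connected to accepts any valid certificate, which is exactly what a man-in-the-middle needs. As an added example written for this page (not WeeChat's code, and in Ruby rather than WeeChat's C/GnuTLS), the block below builds a self-signed certificate in memory as constructed test data and runs the identity check that the bug omitted, using OpenSSL::SSL.verify_certificate_identity from Ruby's standard library. The host names are made up.

```ruby
require "openssl"

# Constructed test data: a self-signed certificate claiming the given CN and
# DNS subjectAltNames. This is not a real server's certificate.
def make_cert(common_name, dns_sans)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509v3, required for extensions
  cert.serial = 1
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.issuer = cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  unless dns_sans.empty?
    ef = OpenSSL::X509::ExtensionFactory.new
    ef.subject_certificate = cert
    ef.issuer_certificate = cert
    san = dns_sans.map { |name| "DNS:#{name}" }.join(",")
    cert.add_extension(ef.create_extension("subjectAltName", san))
  end
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

# The step the advisory says WeeChat skipped: does this certificate name the
# host we meant to reach? Ruby's binding matches DNS SANs first and falls back
# to the subject CN only when no DNS SAN is present.
def identity_ok?(cert, hostname)
  OpenSSL::SSL.verify_certificate_identity(cert, hostname)
end

if $PROGRAM_NAME == __FILE__
  server = make_cert("irc.example.net", ["irc.example.net"])
  puts "irc.example.net      -> #{identity_ok?(server, 'irc.example.net')}"
  puts "attacker.example.org -> #{identity_ok?(server, 'attacker.example.org')}"
end
```

Chain validation and identity verification are separate steps in every TLS library; in GnuTLS the identity check is gnutls_x509_crt_check_hostname() and must be called in addition to the chain verification (gnutls_certificate_verify_peers2()), which on its own only establishes that some trusted CA issued the certificate.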
Original texts:
 DEBIAN, [SECURITY] [DSA 2602-1] zendframework security update (10.01.2013)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart (10.01.2013)
 MustLive, New vulnerabilities in MODx Revolution (10.01.2013)
 YGN Ethical Hacker Group, TomatoCart 1.x | Cross Site Request Forgery Protection Bypass via JavaScript Hijacking (10.01.2013)
 YGN Ethical Hacker Group, TomatoCart 1.x | Unrestricted File Creation (10.01.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod