Information Security


Summary of security vulnerabilities in Web applications (PHP, ASP, JSP, CGI, Perl)
Published: 2 January 2015
Source:
SecurityVulns ID: 14189
Type: remote
Danger level: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information disclosure, etc.
Affected products: WORDPRESS : Cforms 14.7
 MANTIS : mantis 1.2
 OSCLASS : OsClass 3.4
 SYMANTEC : Symantec Web Gateway 5.2
CVE:CVE-2014-8085 (Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass before 3.4.3 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.)
 CVE-2014-8084 (Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass before 3.4.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.)
 CVE-2014-8083 (SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote attackers to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.)
 CVE-2014-7862
 CVE-2014-7285 (The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.)
 CVE-2014-7146 (The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.)
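Three of the PHP bug classes named in the CVE list above (directory traversal into include(), unrestricted file upload, and preg_replace() with the e modifier), as an added illustration of the vulnerable pattern next to a hardened one. This is not code from OSClass, MantisBT, Cforms or Symantec Web Gateway, and not from this advisory; the function names, the parameter names shown in the comments and the demo inputs are assumptions made for the example.

```php
<?php
// Added illustration for the CVE list above; NOT code from OSClass, MantisBT,
// Cforms or Symantec Web Gateway. Function names, the parameter names in the
// comments and the demo inputs are assumptions made for this example.
declare(strict_types=1);

// 1. Local file inclusion via ".." (the shape of CVE-2014-8084).
// Vulnerable shape:  include($base . '/' . $_GET['ajaxfile'] . '.php');
// Hardened: resolve both paths with realpath() and require the candidate to
// sit strictly below $base. Stripping ".." with str_replace() is not enough
// ("....//" survives one pass); compare the resolved paths instead.
function safeIncludePath(string $base, string $name): ?string
{
    $baseReal  = realpath($base);
    $candidate = realpath($base . '/' . $name . '.php');
    if ($baseReal === false || $candidate === false) {
        return null;                       // base missing, or target does not exist
    }
    $prefix = $baseReal . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;                       // resolved to a path outside $base
    }
    return $candidate;
}

// 2. Unrestricted upload (the shape of CVE-2014-8085 and the Cforms report).
// Vulnerable shape:  move_uploaded_file($tmp, $dir . '/' . $_FILES['f']['name']);
// Hardened: allowlist the extension and discard the client-supplied name.
// Additionally (not shown) store uploads outside the document root or in a
// directory where the web server is configured not to execute scripts.
function safeUploadName(string $clientName, array $allowed = ['jpg', 'png', 'pdf']): ?string
{
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $allowed, true)) {
        return null;                       // rejects "shell.php", "x.phtml", "a.php5", ...
    }
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// 3. preg_replace() with the /e modifier (the shape of CVE-2014-7146).
// Vulnerable shape (PHP < 7.0):
//   preg_replace('/\{(.+?)\}/e', '$vars["$1"]', $description);
// With /e the replacement string, after backreferences have been substituted
// from the attacker-controlled subject, is passed to eval() as PHP source.
// The modifier was removed in PHP 7.0; preg_replace_callback() instead hands
// the match to a closure as plain data, so subject text never becomes code.
function expandPlaceholders(string $text, array $vars): string
{
    return preg_replace_callback(
        '/\{(\w+)\}/',
        static fn(array $m): string => $vars[$m[1]] ?? $m[0],
        $text
    );
}

// Demo with constructed inputs.
$self = basename(__FILE__, '.php');
var_dump(safeIncludePath(__DIR__, $self));          // this script itself, inside __DIR__
var_dump(safeIncludePath(__DIR__, '../' . $self));  // "../" walks above __DIR__
var_dump(safeUploadName('shell.php'));
var_dump(safeUploadName('photo.JPG'));
echo expandPlaceholders('Hi {name}, {missing}', ['name' => 'Egidio']), "\n";
```

Run it with PHP 7.4 or later (arrow functions and nullable return types). The containment check in safeIncludePath() is the important part: realpath() collapses every "..", symlink and double slash before the prefix comparison, which is why it catches encodings that a blacklist of ".." would miss. The upload helper deliberately checks only the final extension; a server that maps double extensions such as ".php.jpg" to the PHP handler still needs the storage-location control described in the comment.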
Original text: z.fedotkin_(at)_infosec.ru, Remote Code Execution via Unauthorised File upload in Cforms 14.7 (02.01.2015)
 Pedro Ribeiro, [The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central (02.01.2015)
 Egidio Romano, [KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability (02.01.2015)
 Egidio Romano, [KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability (02.01.2015)
 Egidio Romano, [KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability (02.01.2015)
 Egidio Romano, [KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability (02.01.2015)
 Egidio Romano, [KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability (02.01.2015)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod