Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:24 августа 2015 г.
Источник:
SecurityVulns ID:14657
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:JOOMLA : VirtueMart 3.0
 APACHE : Flex BlazeDS 4.7
 OPENTEXT : Secure MFT 2014 R2
 VBULLETIN : vBulletin 4.2
 ZEND : ZendFramework 1.12
 REQUESTTRACKER : request-tracker 4.2
 PAGE2FLIP : Page2Flip 2.5
 WEBSOLUTIONS : WebSolutions Design Content Management System 2015 Q3
 RUBY : rack 1.5
 WORDPRESS : qTranslate 2.5
 PHPFILEMANAGE : phpFileManager 0.9
 SNORBY : Snorby 2.6
 BIZIDEA : bizidea Design CMS 2015Q3
 PHPIPAM : phpipam 1.1
 DJANGO : django 1.7
 PHPFILENAVIGATOR : PHPfileNavigator 2.3
CVE:CVE-2015-5964 (The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.)
 CVE-2015-5963 (contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.)
 CVE-2015-5951
 CVE-2015-5734 (Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string.)
 CVE-2015-5732 (Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title.)
 CVE-2015-5731 (Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.)
 CVE-2015-5730 (The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress before 4.2.4 does not use a constant-time comparison for widgets, which allows remote attackers to conduct a timing side-channel attack by measuring the delay before inequality is calculated.)
 CVE-2015-5623 (WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action to wp-admin/post.php.)
 CVE-2015-5622 (Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php.)
 CVE-2015-5535 (Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the qtranslate page to wp-admin/options-general.php.)
 CVE-2015-5475 (Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.)
 CVE-2015-5161 (The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.)
 CVE-2015-3269 (Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.)
 CVE-2015-3225 (lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.)
 CVE-2015-2213
Оригинальный текстdocumenterlijn.vangenuchten_(at)_syss.de, [SYSS-2015-026] Denial of Service (CWE-730) and Overly Restrictive Account Lockout Mechanism (CWE-645) in Page2Flip Premium App 2.5 (24.08.2015)
 documenterlijn.vangenuchten_(at)_syss.de, [SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 (24.08.2015)
 documenterlijn.vangenuchten_(at)_syss.de, [SYSS-2015-028] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 (24.08.2015)
 documenterlijn.vangenuchten_(at)_syss.de, [SYSS-2015-029] Insecure Direct Object Reference (CWE-932) in Page2Flip Premium App 2.5 (24.08.2015)
 documenterlijn.vangenuchten_(at)_syss.de, [SYSS-2015-030] Improper Handling of Insufficient Privileges (CWE-274) in Page2Flip Premium App 2.5 (24.08.2015)
 documenterlijn.vangenuchten_(at)_syss.de, [SYSS-2015-032] Broken Authentication and Session Management (CWE-930) in Page2Flip Premium App 2.5 (24.08.2015)
 documenterlijn.vangenuchten_(at)_syss.de, SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5 (24.08.2015)
 document Federico Fazzi, -------------------------------------------------------- Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability -------------------------------------------------------- Vendor ------ https://www.snorby.org/ Version ------- 2.6.2 Descriptio (24.08.2015)
 documentHigh-Tech Bridge Security Research, Cross-Site Scripting (XSS) in qTranslate WordPress Plugin (24.08.2015)
 documenthyp3rlinx_(at)_lycos.com, phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability (24.08.2015)
 documenthyp3rlinx_(at)_lycos.com, phpFileManager 0.9.8 Remote Command Execution (24.08.2015)
 documentDEBIAN, [SECURITY] [DSA 3322-1] ruby-rack security update (24.08.2015)
 documentDEBIAN, [SECURITY] [DSA 3328-1] wordpress security update (24.08.2015)
 documentjakub.palaczynski_(at)_ingservicespolska.pl, Thomson Reuters FATCA - Arbitrary File Upload (24.08.2015)
 documentFerrari - PHP CGI Argument Injection (RCE) Vulnerability, Ferrari - PHP CGI Argument Injection (RCE) Vulnerability (24.08.2015)
 documentDEBIAN, [SECURITY] [DSA 3332-1] wordpress security update (24.08.2015)
 documentapparitionsec_(at)_gmail.com, phpipam-1.1.010 XSS Vulnerability (24.08.2015)
 documentapparitionsec_(at)_gmail.com, phpipam-1.1.010 XSS Vulnerability (24.08.2015)
 documentapparitionsec_(at)_gmail.com, PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users (24.08.2015)
 documentapparitionsec_(at)_gmail.com, PHPfileNavigator 2.3.3 Persistent & Reflected XSS (24.08.2015)
 documentVulnerability Lab, bizidea Design CMS 2015Q3 - SQL Injection Vulnerability (24.08.2015)
 documentDEBIAN, [SECURITY] [DSA 3335-1] request-tracker4 security update (24.08.2015)
 documentJoshua Rogers, vBulletin x.x.x rce "0day" (24.08.2015)
 documentUBUNTU, [USN-2720-1] Django vulnerability (24.08.2015)
 documentadrian.vollmer_(at)_syss.de, [SYSS-2015-041] XSS in OpenText Secure MFT (24.08.2015)
 documentAPACHE, CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability (24.08.2015)
 documentDEBIAN, [SECURITY] [DSA 3340-1] zendframework security update (24.08.2015)
 documentVulnerability Lab, WebSolutions India Design CMS - SQL Injection Vulnerability (24.08.2015)
 documentVulnerability Lab, UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability (24.08.2015)
 documentVulnerability Lab, UBNT Bug Bounty #3 - Persistent Filename Vulnerability (24.08.2015)
 documentMustLive, Vulnerability in VirtueMart for Joomla (24.08.2015)
 documentShelesh Rauthan, Design Infotech CMS - SQL Injection Vulnerability (24.08.2015)
 documentShelesh Rauthan, AN IT CMS - SQL Injection Vulnerability (24.08.2015)
 documentShelesh Rauthan, 3KITS CMS - SQL Injection Vulnerability (24.08.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород