Code-Authors Welcome Guest | Login or Register

0 comments · 0 comments *Friday 29 Dec 2006* | *Guardian* | *Joomla*

TITLE:
Joomla! Cross-Site Scripting and Unspecified Vulnerabilities

SECUNIA ADVISORY ID:
SA23563

VERIFY ADVISORY:
http://secunia.com/advisories/23563/

CRITICAL:
Less critical

IMPACT:
Unknown, Cross Site Scripting

WHERE:
From remote

SOFTWARE:
Joomla! 1.x
http://secunia.com/product/5788/

DESCRIPTION:
Some vulnerabilities have been reported in Joomla!, where some have
unknown impacts and one can be exploited by malicious people to conduct
cross-site scripting attacks.

1) Input passed to an unspecified parameter is not properly sanitised
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user’s browser session in context of
an affected site.

2) The vulnerabilities are caused due to unspecified errors in Joomla!.
The vendor describes them as “several low level security issues”. No
further information is currently available.

The vulnerabilities are reported in version 1.0.11. Prior versions may
also be affected.

SOLUTION:
Update to version 1.0.12.

PROVIDED AND/OR DISCOVERED BY:
1) Fukumori
2) Reported by the vendor.

ORIGINAL ADVISORY:
1) http://jvn.jp/jp/JVN%2345006961/index.html
2) http://www.joomla.org/content/view/2446/1/

0 comments · 0 comments *Friday 29 Dec 2006* | *Guardian* | *PHP Scripts*

TITLE:
WebText CMS PHP Command Injection Vulnerability

SECUNIA ADVISORY ID:
SA23574

VERIFY ADVISORY:
http://secunia.com/advisories/23574/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
WebText CMS 0.x
http://secunia.com/product/13013/

DESCRIPTION:
Kacper has discovered a vulnerability in WebText CMS, which can be
exploited by malicious users to compromise a vulnerable system.

Input passed to the “im” parameter when editing user profiles is not
properly sanitised before being stored in a PHP file. This can be
exploited to inject arbitrary PHP commands, which are executed when
invoking the stored PHP file.

The vulnerability is confirmed in version 0.4.5.2. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Kacper

Code-Authors Welcome Guest | Login or Register

December 2006

[Joomla] Joomla! Cross-Site Scripting and Unspecified Vulnerabilitie

[PHP Scripts] WebText CMS PHP Command Injection Vulnerabilit

Search

Categories

Archives

Pages