Posts Tagged ‘закрпа’ (patch)

WordPress Newsletter Plugin 3.2.6 (alert) Reflected XSS Vulnerability

The plugin suffers from an XSS issue due to a failure to properly sanitize user-supplied input to the ‘alert’ GET parameter in the ‘page.php’ script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user’s browser session.

Advisory ID: ZSL-2013-5141
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5141.php

CMSLogik 1.2.1 Multiple Vulnerabilities

CMSLogik suffers from multiple stored XSS, arbitrary file upload and user enumeration weaknesses.

Advisories:

CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities
CMSLogik 1.2.1 (user param) User Enumeration Weakness
CMSLogik 1.2.1 (upload_file_ajax()) Shell Upload Exploit

OpenEMR 4.1.1 (site param) Remote XSS Vulnerability

OpenEMR suffers from an XSS issue due to a failure to properly sanitize user-supplied input to the ‘site’ GET parameter in the central ‘globals.php’ script, which is called by every script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user’s browser session.

Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5129.php

Vendor: http://www.open-emr.org/wiki/index.php/OpenEMR_Patches

Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability

Squirrelcart suffers from an XSS issue due to a failure to properly sanitize user-supplied input to the ‘table’ GET parameter in the ‘index.php’ script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user’s browser session.

Vendor:

Squirrelcart Security Patch #SC130218
Release date: 02/19/2013

XSS (Cross Site Scripting) vulnerability patch
Affected Squirrelcart versions: v2.0.0 – 3.5.4

How to find your version number:
———————————————————————
You can locate your Squirrelcart version in the upper right hand corner of your control panel.

Patch Info and Instructions
———————————————————————
This is a patch for protecting against an XSS (Cross Site Scripting) vulnerability that was discovered on 02/19/2013 by Zero Science Lab:
http://www.zeroscience.mk/. This vulnerability is due to the table parameter passed in the control panel not being sanitized properly,
and can result in HTML or JavaScript being inserted into the page.

http://www.squirrelcart.com/downloads.php
http://www.squirrelcart.com/index.php?downloads=1&id=123

ZSL Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5128.php

NASA Tri-Agency Climate Education (TrACE) Multiple Vulnerabilities

The Tri-Agency Climate Education (TrACE) Catalog provides search and browse access to a catalog of educational products and resources. TrACE focuses on climate education resources that have been developed by initiatives funded through NASA, NOAA, and NSF, comprising a tri-agency collaboration around climate education.

The application suffers from a reflected cross-site scripting vulnerability when input is passed to the ‘product_id’, ‘pi’, ‘project_id’ and ‘funder’ GET parameters in the ‘trace_results.php’ script, which is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site. The application also suffers from SQL injection vulnerabilities when input is passed to the ‘product_id’ and ‘grade’ GET parameters in the ‘trace_results.php’ script, which is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Advisories:

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5111.php
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5112.php

ViArt Shop Multiple Vulnerabilities

ViArt Shop suffers from multiple stored cross-site scripting vulnerabilities. The issues are triggered when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site. Also, the software suffers from a remote arbitrary command execution vulnerability when input passed to the ‘DATA’ POST parameter in ‘sips_response.php’ is not properly sanitised before being used to process product payment data. This can be exploited to execute arbitrary commands via specially crafted requests.

Advisories:

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5108.php
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5109.php

IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities

IBM System Storage DS Storage Manager Profiler suffers from an SQL Injection and a Cross-Site Scripting (XSS) vulnerability. Input passed via the GET parameter ‘selectedModuleOnly’ in the ‘ModuleServlet.do’ script is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The GET parameter ‘updateRegn’ in the ‘SoftwareRegistration.do’ script is vulnerable to an XSS issue where the attacker can execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

ZSL Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5094.php

IBM Advisory: https://www.ibm.com/connections/blogs/PSIRT/entry/secbulletin_stg-storage_cve-2012-2171_cve-2012-2172

Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow

The vulnerability is caused by a boundary error in the processing of a playlist file, which can be exploited to cause a heap-based buffer overflow when a user opens e.g. a specially crafted .M3U file. Successful exploitation could allow execution of arbitrary code on the affected node.

Apple: http://support.apple.com/kb/HT5318
ZSL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5093.php

TXT: http://www.zeroscience.mk/codes/itunes_bof.txt

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability

PyroCMS suffers from a stored XSS and an HTTP Response Splitting vulnerability when parsing user input to the ‘title’ and ‘redirect_to’ parameters via the POST method through the ‘index.php’ script. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user’s browser session or insert arbitrary HTTP headers, which are included in a response sent to the user.

Advisory ID: ZSL-2012-5092
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5092.php

Baby Gekko CMS v1.1.5c Multiple Stored Cross-Site Scripting Vulnerabilities

Baby Gekko CMS suffers from multiple stored (post-auth) XSS vulnerabilities and path disclosure issues when parsing user input to several parameters via the GET and POST methods. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user’s browser session or disclose the full installation path of the affected CMS.

——————————————————————————–

Reflected (Non-Persistent) XSS:

1. username
2. password
3. verification_code
4. email_address
5. password_verify
6. firstname
7. lastname

Stored (Persistent) XSS:

8. groupname
9. virtual_filename
10. branch
11. contact_person
12. street
13. city
14. province
15. postal
16. country
17. tollfree
18. phone
19. fax
20. mobile
21. title
22. meta_key
23. meta_description

——————————————————————————–

Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5086.php
Vendor: http://www.babygekko.com/site/news/general/baby-gekko-v1-2-0-released-with-3rd-party-independent-security-testing-performed-by-zero-science-lab.html