標籤 Information Security 下的所有文章

CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities

Computer virus.

CVE-2015-2242 – Webshop hun v1.062S SQL Injection Web Security Vulnerabilities



Exploit Title: CVE-2015-2242 Webshop hun v1.062S /index.php Multiple Parameters SQL Injection Web Security Vulnerabilities

Product: Webshop hun

Vendor: Webshop hun

Vulnerable Versions: v1.062S

Tested Version: v1.062S

Advisory Publication: Mar 04, 2015

Latest Update: Mar 04, 2015

Vulnerability Type: Improper Control of Generation of Code (‘Code Injection’) [CWE-94]

CVE Reference: CVE-2015-2242

CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Report and Credit: Jing Wang [School of Mathematical Sciences (001), University of Science and Technology of China (USTC)] (@justqdjing)








Persuasion Details:



(1) Vendor & Product Description:



Vendor:

Webshop hun



Product & Version:

Webshop hun

v1.062S



Vendor URL & Download:

Webshop hun can be token from here,

http://www.webshophun.hu/index



Product Introduction Overview:

Webshop hun is an online product sell web application system.


“If our webshop you want to distribute your products, but it is too expensive to find on the internet found solutions, select the Webshop Hun shop program and get web store for free and total maker banner must display at the bottom of the page 468×60 size. The download shop program, there is no product piece limit nor any quantitative restrictions, can be used immediately after installation video which we provide assistance.


“The Hun Shop store for a free for all. In our experience, the most dynamic web solutions ranging from our country. If the Webshop Hun own image does not suit you, you can also customize the look of some of the images and the corresponding text replacement, or an extra charge we can realize your ideas. The Webshop Hun pages search engine optimized. They made the Hun Shop web program to meet efficiency guidelines for the search engines. The pages are easy to read and contain no unnecessary HTML tags. Any web page is simply a few clicks away."






(2) Vulnerability Details:

Webshop hun web application has a computer security bug problem. It can be exploited by SQL Injection attacks. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Several similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. Webshop hun has patched some of them. Open Sourced Vulnerability Database (OSVDB) is an independent and open-sourced database. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promotes greater, open collaboration between companies and individuals. It has published suggestions, advisories, solutions details related to important vulnerabilities.


(2.1) The vulnerability occurs at “&termid" “&nyelv_id" parameters in “index.php?" page.







References:





CVE-2015-2243 Webshop hun v1.062S Directory Traversal Web Security Vulnerabilities

cloud_computing_coding_security_lock_thinkstock_466683417-100412455-primary.idge

 

CVE-2015-2243 Webshop hun v1.062S Directory Traversal Web Security Vulnerabilities



Exploit Title: CVE-2015-2243 Webshop hun v1.062S /index.php &mappa Parameter Directory Traversal Web Security Vulnerabilities

Product: Webshop hun

Vendor: Webshop hun

Vulnerable Versions: v1.062S

Tested Version: v1.062S

Advisory Publication: March 01, 2015

Latest Update: April 28, 2015

Vulnerability Type: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) [CWE-22]

CVE Reference: CVE-2015-2243

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Credit: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)








Introduction Details:



(1) Vendor & Product Description:



Vendor:

Webshop hun



Product & Version:

Webshop hun

v1.062S



Vendor URL & Download:

Webshop hun can be required from here,

http://www.webshophun.hu/index



Product Introduction Overview:

Webshop hun is an online product sell web application system.


“If our webshop you want to distribute your products, but it is too expensive to find on the internet found solutions, select the Webshop Hun shop program and get web store for free and total maker banner must display at the bottom of the page 468×60 size. The download shop program, there is no product piece limit nor any quantitative restrictions, can be used immediately after installation video which we provide assistance.


“The Hun Shop store for a free for all. In our experience, the most dynamic web solutions ranging from our country. If the Webshop Hun own image does not suit you, you can also customize the look of some of the images and the corresponding text replacement, or an extra charge we can realize your ideas. The Webshop Hun pages search engine optimized. They made the Hun Shop web program to meet efficiency guidelines for the search engines. The pages are easy to read and contain no unnecessary HTML tags. Any web page is simply a few clicks away."






(2) Vulnerability Details:

Webshop hun web application has a computer security bug problem. It can be exploited by Directory Traversal – Local File Include (LFI) attacks. A local file inclusion (LFI) flaw is due to the script not properly sanitizing user input, specifically path traversal style attacks (e.g. ‘../../’) supplied to the parameters. With a specially crafted request, a remote attacker can include arbitrary files from the targeted host or from a remote host . This may allow disclosing file contents or executing files like PHP scripts. Such attacks are limited due to the script only calling files already on the target host.

Several similar products vulnerabilities have been found by some other bug hunter researchers before. Webshop hun has patched some of them. The MITRE Corporation is a not-for-profit company that operates multiple federally funded research and development centers (FFRDCs), which provide innovative, practical solutions for some of our nation’s most critical challenges in defense and intelligence, aviation, civil systems, homeland security, the judiciary, healthcare, and cybersecurity. It has published suggestions, advisories, solutions details related to website vulnerabilities.



(2.1) The vulnerability occurs at “&mappa" parameter in “index.php?" page.








References:

http://tetraph.com/security/directory-traversal-vulnerability/webshop-hun-v1-062s-directory-traversal-security-vulnerabilities/

http://securityrelated.blogspot.sg/2015/03/webshop-hun-v1062s-directory-traversal.html

http://packetstormsecurity.com/files/130653/Webshop-Hun-1.062S-Directory-Traversal.html

http://marc.info/?l=full-disclosure&m=142551569801614&w=4

http://lists.openwall.net/full-disclosure/2015/03/05/5

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01902.html

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1666

http://seclists.org/fulldisclosure/2015/Mar/26

http://lists.kde.org/?a=139222176300014&r=1&w=2

http://webcabinet.tumblr.com/post/118677916572/cve-2015-2243-webshop-hun-v1-062s-directory

https://computerpitch.wordpress.com/2015/05/11/cve-2015-2243-webshop-hun-v1-062s-directory-traversal-web-security-vulnerabilities/

http://www.covertredirect.com/tech/

https://plus.google.com/+essayjeans/posts/4yoeMytdEKx

http://whitehatpost.blog.163.com/blog/static/242232054201541122051794/

http://user.qzone.qq.com/2519094351/blog/1431325305

https://www.facebook.com/permalink.php?story_fbid=734394456671300&id=660347734075973

http://germancast.blogspot.de/2015/05/cve-2015-2243-webshop-hun-v1062s.html

https://twitter.com/essayjeans/status/597645566760226816

http://ittechnology.lofter.com/post/1cfbf60d_6eb449f

Proverbs Web Calendar 2.1.2 XSS (Cross-site Scripting) Security Vulnerabilities

Hacker Research Topics

iStock_000007384492-keyboard_5

Proverbs Web Calendar 2.1.2 XSS (Cross-site Scripting) Security Vulnerabilities

Exploit Title: Proverbs Web Calendar /calendar.php Multiple Parameters XSS (Cross-site Scripting) Security Vulnerabilities

Vendor: Proverbs

Product: Proverbs Web Calendar

Vulnerable Versions: 1.0.0 1.1 1.2.2 2.1 2.1.2

Tested Version: 1.2.2 2.1

Advisory Publication: April 03, 2015

Latest Update: April 03, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

Suggestion Details:


(1) Vendor & Product Description:


Vendor:

Proverbs

Product & Vulnerable Versions:

Proverbs Web Calendar

1.0.0

1.1

1.2.2

2.1

2.1.2

Vendor URL:

http://www.proverbs.biz/

Download:

Proverbs Web Calendar can be obtained from here,

http://www.proverbsllc.com/demos/calendar/calendar.php

http://www.hotscripts.com/listing/proverbs-web-calendar/

http://www.c-point.com/free_php_scripts/calendar.php

http://www.html.it/articoli/proverbs-php-web-calendar-v-100-1/

Product Introduction Overview:

“This is a web event calendar developed using PHP and powered by MySQL. The calendar is viewed in month format initially with a…

View original post 詳見內文:約166字

6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities

Hacker Research Topics

stock-footage-digital-code-binary-computer-background-series-version-from-to

6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities

Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities

Vendor: 6kbbs

Product: 6kbbs

Vulnerable Versions: v7.1 v8.0

Tested Version: v7.1 v8.0

Advisory Publication: April 02, 2015

Latest Update: April 02, 2015

Vulnerability Type: Cross-Site Request Forgery (CSRF) [CWE-352]

CVE Reference: *

CVSS Severity (version 2.0):

CVSS v2 Base Score: 6.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 8.6

Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

Suggestion Details:

(1) Vendor & Product Description:


Vendor:

6kbbs

Product & Vulnerable Versions:

6kbbs

v7.1

v8.0

Vendor URL & download:

6kbbs can be gain from here,

http://www.6kbbs.com/download.html

http://en.sourceforge.jp/projects/sfnet_buzhang/downloads/6kbbs.zip/

Product Introduction Overview:

“6kbbs V8.0 is a PHP + MySQL built using high-performance forum, has the code simple, easy to use, powerful, fast and so on. It is an excellent community forum program. The program is simple but not simple; fast, small…

View original post 詳見內文:約407字

6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities

Hacker Research Topics

stock-footage-digital-code-binary-computer-background-series-version-from-to

6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities

Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities

Vendor: 6kbbs

Product: 6kbbs

Vulnerable Versions: v7.1 v8.0

Tested Version: v7.1 v8.0

Advisory Publication: April 02, 2015

Latest Update: April 02, 2015

Vulnerability Type: Cross-Site Request Forgery (CSRF) [CWE-352]

CVE Reference: *

CVSS Severity (version 2.0):

CVSS v2 Base Score: 6.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 8.6

Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

Suggestion Details:

(1) Vendor & Product Description:


Vendor:

6kbbs

Product & Vulnerable Versions:

6kbbs

v7.1

v8.0

Vendor URL & download:

6kbbs can be gain from here,

http://www.6kbbs.com/download.html

http://en.sourceforge.jp/projects/sfnet_buzhang/downloads/6kbbs.zip/

Product Introduction Overview:

“6kbbs V8.0 is a PHP + MySQL built using high-performance forum, has the code simple, easy to use, powerful, fast and so on. It is an excellent community forum program. The program is simple but not simple; fast, small…

View original post 詳見內文:約407字

6kbbs v8.0 SQL Injection Security Vulnerabilities

Hacker Research Topics

07_phone_security_g_w

6kbbs v8.0 SQL Injection Security Vulnerabilities

Exploit Title: 6kbbs Multiple SQL Injection Security Vulnerabilities

Vendor: 6kbbs

Product: 6kbbs

Vulnerable Versions: v7.1 v8.0

Tested Version: v7.1 v8.0

Advisory Publication: April 01, 2015

Latest Update: April 01, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

Suggestion Details:



(1) Vendor & Product Description:



Vendor:

6kbbs

Product & Vulnerable Versions:

6kbbs

v7.1

v8.0

Vendor URL & download:

6kbbs can be obtained from here,

http://www.6kbbs.com/download.html

http://www.bvbcode.com/code/93n8as2z-down

Product Introduction Overview:

“6kbbs V8.0 is a PHP + MySQL built using high-performance forum, has the code simple, easy to use, powerful, fast and so on. It is an excellent community forum program. The program is simple but…

View original post 詳見內文:約247字

NetCat CMS Multiple HTTP Response Splitting (CRLF) Security Vulnerabilities

IT Swift - Know IT News Swiftly

netcat_ru_5

NetCat CMS Multiple HTTP Response Splitting (CRLF) Security Vulnerabilities

Exploit Title: NetCat CMS Multiple CRLF Security Vulnerabilities

Product: NetCat CMS (Content Management System)

Vendor: NetCat

Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1

Tested Version: 3.12

Advisory Publication: Mar 07, 2015

Latest Update: Mar 07, 2015

Vulnerability Type: Improper Neutralization of CRLF Sequences (‘CRLF Injection’) [CWE-93]

CVE Reference: *

Credit: Wang Jing [Mathematics, Nanyang Technological University (NTU), Singapore]

Advisory Details:



(1) Vendor & Product Description:



Vendor:

NetCat

Product & Version:

NetCat

5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1

Vendor URL & Download:

NetCat can be got from here,

http://netcat.ru/

Product Introduction:

NetCat.ru is russian local company. “NetCat designed to create an absolute majority of the types of sites: from simple “business card" with a minimum content to complex web-based systems, from corporate offices to online stores, libraries or media data – in other words, projects…

View original post 詳見內文:約210字