gulftech.org
Advisories
http://www.gulftech.org/advisories
2008 Oct, 20. GTSA-00123 ] Advanced Electron Forum. 2008 Sep, 20. GTSA-00122 ] UBB.threads. 2008 Sep, 08. GTSA-00121 ] Zen Cart. 2008 Sep, 04. 2008 Sep, 02. GTSA-00119 ] Crafty Syntax Live Help. 2008 Aug, 25. 2008 Aug, 19. 2008 Aug, 18. GTSA-00116 ] PHP Live Helper. 2008 Aug, 16. 2008 Aug, 07. 2008 Aug, 09. 2008 Aug, 04. 2008 Jul, 31. 2008 Jul, 30. GTSA-00110 ] ViArt Shop. 2008 Jul, 29. 2008 Jul, 28. 2006 Oct, 04. 2006 Sep, 30. 2006 Sep, 21. 2006 Sep, 18. 2006 Sep, 14. 2006 Aug, 28. 2006 Aug, 17.
gulftech.org
WebSVN <= 2.0 Multiple Vulnerabilities
http://www.gulftech.org/advisories/WebSVN%20Multiple%20Vulnerabilities/124
Http:/ websvn.tigris.org. There is a Cross Site Scripting issue in WebSVN, due to the unsafe usage of the PHP SELF server variable within the getParameterisedSelfUrl() function. Indexphp/" script alert(document.cookie); /script. A url like the one above would display a JavaScript alert window containing the cookie data of any set cookies for the domain. Cachename reflecting full path to and rev for rssfeed. Must end with xml to work $cachename = strtr(getFullURL($listurl), ":/? The above code can be foun...
gulftech.org
CS-Cart <= 1.3.5 SQL Injection
http://www.gulftech.org/advisories/CS-Cart%20SQL%20Injection/120
Http:/ www.cs-cart.com/. There is a fairly serious SQL Injection issue in CS-Cart that, as mentioned before, allows attackers to easily bypass authentication, or retrieve arbitrary data from the underlying database. The vulnerable code can be found in /core/user.php. Cs cookies[customer user id]=1'/*;. For example an attacker could specify a cookie like the one shown above and successfully log in as the customer with the id of 1 without ever actually authenticating. Alternatively just about any data ...
gulftech.org
Advanced Electron Forum <= 1.0.6 Remote Code Execution
http://www.gulftech.org/advisories/Advanced%20Electron%20Forum%20Remote%20Code%20Execution/123
Advanced Electron Forum Remote Code Execution. Http:/ www.anelectron.com/. There is a serious security issue within AEF Forums that allows for forum users to easily execute arbitrary php code on the affected webserver. This issue is due to AEF Forums sending wildcard matches to the replacement parameter of preg replace function, within double quotes, while the eval switch is present. Below is one of the many examples of the security issues within the bbcode handling of AEF.
gulftech.org
Crafty Syntax Live Help <= 2.14.6 SQL Injection
http://www.gulftech.org/advisories/Crafty%20Syntax%20Live%20Help%20SQL%20Injection/119
Crafty Syntax Live Help SQL Injection. Crafty Syntax Live Help. Http:/ www.craftysyntax.com. There is a high risk SQL Injection issue within Crafty Syntax Live Help that allows for an attacker to read arbitrary database contents such as user credentials, or administrator credentials. The vulnerable bit of code in question can be seen below. LIMIT 1': "WHERE recno=$department");. Scriptname=1&department=-99%20UNION%20SELECT%201,2,concat (username,char(58),password),4,5,6,7,8,9%20FROM%20livehelp users/*.
gulftech.org
Vanilla <= 1.1.4 Multiple Vulnerabilities
http://www.gulftech.org/advisories/Vanilla%20Multiple%20Vulnerabilities/118
Http:/ www.getvanilla.com/. Vanilla is an open-source, standards-compliant, multi-lingual, fully extensible web based discussion forum. Unfortunately there are a couple of issues within Vanilla that allow for a malicious user to steal client based credentials such as cookies. These issues include both script injection and cross site scripting. An updated version of Vanilla has been released and users should upgrade their Vanilla installation as soon as possible. Test" onclick=alert(document.cookie); ".
gulftech.org
RunCMS <= 1.2 Multiple Vulnerabilities
http://www.gulftech.org/advisories/RunCMS%20Multiple%20Vulnerabilities/87
Http:/ www.runcms.org/. RunCMS is a very popular, full featured content management system based on the XOOPS content management system. There are a number of fairly serious vulnerabilities in RunCMS that may allow an attacker to overwrite very important variables used by RunCMS and conduct SQL Injection attacks. A new version of RunCMS has been released some time ago, and all users are advised to upgrade immediately. Empty($HTTP GET VARS) ) { extract($HTTP GET VARS, EXTR SKIP); } if (! There are a number...
gulftech.org
Live Response <= 2.0 Multiple Vulnerabilities
http://www.gulftech.org/advisories/Live%20Response%20Multiple%20Vulnerabilities/85
Live Response Multiple Vulnerabilities. Http:/ www.kayako.com/. Kayako liveResponse is a web based application aimed at providing live support for websites and businesses. There are a number of vulnerabilities in Kayako liveResponse that range from Cross Site Request Forgeries, Cross Site Scripting, Information Disclosure, Script Injection, and SQL Injection vulnerabilities which can lead to disclosure of sensitive data. Users are suggested to update as soon as a secured version becomes available. When l...
gulftech.org
UBB.threads <= 7.3.1 SQL Injection
http://www.gulftech.org/advisories/UBB.threads%20SQL%20Injection/122
Http:/ www.ubbcentral.com/. UBBthreads is a popular online forum system written in php that allows webmasters and site owners to host their own discussion forums within their website. Unfortunately UBB.threads is vulnerable to an SQL Injection in it's search functionality that may allow for an attacker to execute arbitrary SQL queries on the underlying database. An updated version of UBB.threads has been released to address this issue and users should upgrade as soon as possible. Now we need to figure ou...
