GetSimpleCMS 3.3.5: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc

  • Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc
  • Affected Software: GetSimple CMS
  • Affected Version: 3.3.5 (probably also prior versions)
  • Partially Patched Version: 3.3.6
  • Risk: Medium-High
  • Vendor Contacted: 2015-06-14
  • Vendor Partial Fix: 2015-07-14
  • Public Disclosure: 2015-07-15

GetSimple CMS is a content management system written in PHP. It does not use a database, but xml files instead.

There are various vulnerabilities in version 3.3.5, most of which are fixed in version 3.3.6.

For version 3.3.6 it is important that the htaccess file of GetSimple CMS can be read by the server, as otherwise passwords and other sensitive information will be disclosed (the functionality of the website itself is not affected by an unread htaccess file, so it might go unnoticed).

Continue

ZenPhoto 1.4.8: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution

  • Vulnerability: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution
  • Affected Software: ZenPhoto
  • Affected Version: 1.4.8 (probably also prior versions)
  • Patched Version: 1.4.9
  • Risk: Medium
  • Vendor Contacted: 2015-05-18
  • Vendor Fix: 2015-07-09
  • Public Disclosure: 2015-07-10

ZenPhoto is an open-source CMS written in PHP with a focus on hosting images. There are multiple vulnerabilities in version 1.4.8, including SQL injection and XSS vulnerabilities.

Continue

WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

  • Vulnerability: Code Execution, CSRF, XSS, Information Disclosure
  • Affected Software: WordPress File Upload (WordPress Plugin)
  • Affected Version: 2.7.6 (probably also prior versions)
  • Patched Version: 3.0.0
  • Risk: High
  • Vendor Contacted: 2015-06-30
  • Vendor Fix: 2015-07-02
  • Public Disclosure: 2015-07-02
Continue

PivotX 2.3.10: Session Fixation, Reflected XSS, Code Execution

  • Vulnerability: Session Fixation, Reflected XSS, Code Execution
  • Affected Software: PivotX
  • Affected Version: 2.3.10 (probably also prior versions)
  • Patched Version: 2.3.11
  • Risk: Medium-High
  • Vendor Contacted: 2015-05-27
  • Vendor Fix: 2015-06-21
  • Public Disclosure: 2015-06-27
Continue