|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 3483 CVE : CVE-2007-6526 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : No Credit : Mesut Timur Published : 28.12.2007
Advisory Content : H - Security Labs Tikiwiki v1.9.8.3 Security Advisory ID : HSEC#20072212 General Information -------------------------- Name : Tikiwiki 1.9.8.3 Vendor HomePage :http://tikiwiki.org Platforms : PHP && MySQL Vulnerability Type : Input Validation Error Timeline ------------------------- 17 December 2007 -- Vendor Contacted 19 December 2007 -- Vendor Replied 22 December 2007 -- New Release 22 December 2007 -- Advisory Released What is TikiWiki ------------------------ Tikiwiki (Tiki) is your Groupware/CMS (Content Management System) solution. Tiki has the features you need: Wikis (like Mediawiki), Forums (like phpBB) ,Blogs (like WordPress), Articles (like Digg), Image Gallery (like Flickr), Map Server (like Google Maps), Link Directory (like DMOZ), Translation and i18n (like Babel Fish), Free (LGPL) And much more... Vulnerability Overview ------------------------ The script is vulnerable to XSS attacks. Details About Vulnerability ------------------------ XSS Vulnerability (/tikiwiki/tiki-special_chars.php) At the lines between 166-168 : ----------------- ').value=window.opener.document.getElementById('').value+getElementById( 'spec').value;" name="ins" value="ins" /> ">, you can see it.. The attacker can succesfully launch XSS attacks with loading payload on to the URL area_name variable. Solution ----------------------- Download the new release : Tikiwiki 1.9.9 from http://sourceforge.net/project/showfiles.php?group_id=64258&package_id=1 12134&release_id=563456 Credits ----------------------- The vulnerabilities found on 17 December 2007 by Mesut Timur H - Security Labs , http://www.h-labs.org Gebze Institute of Technology Department of Computer Engineering http://www.gyte.edu.tr References ----------------------- Vendor Confirmation : http://tikiwiki.org/ReleaseProcess199 Original Advisory : http://www.h-labs.org/blog/2007/12/24/tikiwiki_1_9_8_3_tiki_special_char s_php_xss_vulnerability.html _________________________________________________________________ Don't get caught with egg on your face. Play Chicktionary! http://club.live.com/chicktionary.aspx?icid=chick_wlhmtextlink1_dec  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |