CVE-2017-11416
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter. Date published : 2017-07-18 https://github.com/FiyoCMS/FiyoCMS/issues/5
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level']. Date published : 2017-07-18 https://github.com/FiyoCMS/FiyoCMS/issues/5
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment.php via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id']. Date published : 2017-07-18 https://github.com/FiyoCMS/FiyoCMS/issues/5
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/comment_status.php via $_GET['id']. Date published : 2017-07-18 https://github.com/FiyoCMS/FiyoCMS/issues/5
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id']. Date published : 2017-07-18 https://github.com/FiyoCMS/FiyoCMS/issues/5
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete...
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation...
In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type. Date published : 2017-07-18 http://www.securityfocus.com/bid/99914 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection. Date published : 2017-07-18 http://www.securityfocus.com/bid/99894 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt. Date published : 2017-07-18 http://www.securityfocus.com/bid/99910 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13792
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values. Date published : 2017-07-18...
REDCap before 7.5.1 has XSS via the query string. Date published : 2017-07-18 https://community.projectredcap.org/articles/13/changelog-standard-release.html https://gist.github.com/jordanpotti/fef4f1ada404d5ba7f88ab42e93cdaae
REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components. Date published : 2017-07-18 https://community.projectredcap.org/articles/13/changelog-standard-release.html https://gist.github.com/jordanpotti/fef4f1ada404d5ba7f88ab42e93cdaae
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote...