CVE-2019-12804
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft a malicious file and use it as...
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, the specific upload web module doesn’t verify the file extension and type, and an attacker can upload a webshell. After the webshell upload,...
An issue was discovered in the Teclib News plugin through 1.5.2 for GLPI. It allows a stored XSS attack via the $_POST['name'] parameter. Date published : 2019-07-10 https://github.com/pluginsGLPI/news/releases/tag/1.5.3 https://github.com/pluginsGLPI/news/blob/master/front/alert.form.php
An issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. It allows SQL Injection via container_id and old_order parameters to ajax/reorder.php by an unauthenticated user. Date published : 2019-07-10 https://github.com/pluginsGLPI/fields/releases/tag/1.10.0 https://github.com/pluginsGLPI/fields/blob/master/ajax/reorder.php
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. Date published...
Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. Date published :...
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2...
Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and...
Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. Date published : 2019-07-10 https://seclists.org/bugtraq/2019/Jun/12 https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. Date published : 2019-07-10 https://seclists.org/bugtraq/2019/Jun/12 https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover. Date published : 2019-07-10 https://seclists.org/bugtraq/2019/Jun/12 https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2...
Wikimedia MediaWiki through 1.32.1 allows CSRF. Date published : 2019-07-10 https://seclists.org/bugtraq/2019/Jun/12 https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. Date published : 2019-07-10 https://www.netiq.com/documentation/advanced-authentication-60/advanced-authentication-releasenotes-60/data/advanced-authentication-releasenotes-60.html#t49vfiy1udvg