Debian Security Advisory 1423-1 - Several remote vulnerabilities have been discovered in sitebar, a web based bookmark manager written in PHP.
da194b681f8ebc0cd79e03be585700374cc2675c0f874e7cef7dfb5acdad3595Gentoo Linux Security Advisory GLSA 200711-05 - Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the dir parameter; the translation module also does not sanitize the values of the edit and value parameters which it passes to eval() and include(); the log-in command does not validate the URL to redirect users to after logging in; SiteBar also contains several cross-site scripting vulnerabilities. Versions less than 3.3.9 are affected.
36771fb0329b6926ba517c37cc21aa30da4b07b906f850422e0062503b31d17eNth Dimension Security Advisory (NDSA20071016) - The SiteBar application has single high risk issues with its translation module. It can can be made to retrieve any file to which the web server user has read access. The SiteBar application has multiple high risk issues with its translation module. It can be made to execute arbitrary code to gain remote access as the web server user typically nobody. The SiteBar application has multiple medium risk issues where it is vulnerable to Javascript injection within the requested URL. The SiteBar application has single medium risk issue where it is vulnerable to malicious redirects within the requested URL. Version 3.3.8 is affected.
f9787ab6aeb07593ce7cda6de093a36855c1a84a926762bb230871ba4fa62bdb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed