ソフト名:Xinha 0.96.1
回避策:未対応
脆弱性:XSS, 認証資格情報の奪取
ソース:http://trac.xinha.org/
http://www.majorsecurity.net/xinha-editor-xss.php
http://secunia.com/advisories/40669
http://www.vupen.com/english/advisories/2010/1851
危険性:Medium Risk
2010-05-18
s9y Serendipity, Xinha
ソフト名:s9y Serendipity 1.5.2, Xinha 0.95
回避策:アップデートにて対応
脆弱性:リモートファイルアップロード
ソース:http://php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html
http://php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html
http://www.s9y.org/
http://trac.xinha.org/
http://www.securityfocus.com/bid/40033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1916
http://secunia.com/advisories/39782
http://secunia.com/advisories/39783
http://secunia.com/advisories/39808
CVE:CVE-2010-1916
危険性:Medium Risk
回避策:アップデートにて対応
脆弱性:リモートファイルアップロード
ソース:http://php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html
http://php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html
http://www.s9y.org/
http://trac.xinha.org/
http://www.securityfocus.com/bid/40033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1916
http://secunia.com/advisories/39782
http://secunia.com/advisories/39783
http://secunia.com/advisories/39808
CVE:CVE-2010-1916
危険性:Medium Risk
登録:
投稿 (Atom)
