oss-sec mailing list archives

CVE request: Zenphoto waraxe-2012-SA#096


From: Henri Salo <henri () nerv fi>
Date: Thu, 11 Jul 2013 01:01:18 +0300

Can I get 2012 CVE identifiers for multiple issues in Zenphoto? Thanks. Maybe we
can just use one ID for simplicity.

Advisory URL: http://www.waraxe.us/advisory-96.html
Author: Janek Vind "waraxe"
Affected versions: Zenphoto 1.4.3.3 and older
Patched version: Zenphoto 1.4.3.4
Release advisory: http://www.zenphoto.org/news/zenphoto-1.4.3.4
http://secunia.com/advisories/50799/
http://www.securelist.com/en/advisories/50799

http://osvdb.org/87016 Zenphoto zp-core/zp-extensions/GoogleMap/m.php data Parameter XSS  
http://osvdb.org/87017 Zenphoto zp-core/zp-extensions/tiny_mce/config/zenpage-default-full.js.php locale Parameter XSS  
http://osvdb.org/87018 Zenphoto zp-core/zp-extensions/cloneZenphoto/cloneTab.php Multiple Parameter XSS  
http://osvdb.org/87019 Zenphoto zp-core/admin-tags.php tagsort Parameter XSS  
http://osvdb.org/87020 Zenphoto zp-core/admin-users.php error Parameter XSS   
http://osvdb.org/87021 Zenphoto zp-core/admin-thumbcrop.php Multiple Parameter XSS  
http://osvdb.org/87022 Zenphoto zp-core/admin-comments.php ndeleted Parameter XSS  
http://osvdb.org/87023 Zenphoto zp-core/zp-extensions/tiny_mce/plugins/tinyzenpage/js/dialog.php album Parameter XSS  
http://osvdb.org/87024 Zenphoto zp-core/admin-upload.php Multiple Parameter XSS  
http://osvdb.org/87025 Zenphoto Database Backup Direct Request Remote Information Disclosure
http://osvdb.org/87026 Zenphoto zp-core/zp-extensions/uploader_flash/check.php Arbitrary File Enumeration  
http://osvdb.org/87027 Zenphoto zp-core/zp-extensions/search_statistics.php X_FORWARDED_FOR HTTP Header SQL Injection
http://osvdb.org/87028 Zenphoto zp-core/zp-extensions/failed_access_blocker.php X_FORWARDED_FOR HTTP Header SQL Injection
http://osvdb.org/87029 Zenphoto zp-core/zp-extensions/federated_logon/Verisign_logon.php redirect Parameter XSS  
http://osvdb.org/87030 Zenphoto zp-core/zp-extensions/federated_logon/OpenID_logon.php Multiple Parameter XSS  
http://osvdb.org/87031 Zenphoto zp-core/admin-functions.php File Upload PHP Code Execution
http://osvdb.org/87032 Zenphoto zp-core/zp-extensions/uploader_jQuery/uploader.php File Upload PHP Code Execution
http://osvdb.org/87033 Zenphoto getUserIP() Function X_FORWARDED_FOR HTTP Header IP Address Spoofing Weakness

Please note that CVE-2012-4519 has been assigned to issue http://osvdb.org/85899
in mailing list thread http://www.openwall.com/lists/oss-security/2012/10/11/4

---
Henri Salo
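Added example, not code from the advisory, from Zenphoto or from this thread: the header-trust pattern that the three X_FORWARDED_FOR entries above describe (getUserIP() honouring a client-supplied header, and that value reaching SQL in search_statistics.php and failed_access_blocker.php), shown as a vulnerable shape beside a hardened one. The function names, the failed_access table and the trusted-proxy list are hypothetical, and the request array is constructed; logFailedAccess() needs a live mysqli connection, so it is defined but not called.

```php
<?php
// Illustrative code, not Zenphoto's. Names below (getUserIP_*, failed_access,
// logFailedAccess) are hypothetical; the $fakeServer array is constructed.

// Vulnerable shape: any client can send X-Forwarded-For, so the "IP" is
// attacker-controlled text, and it is concatenated straight into SQL.
function getUserIP_vulnerable(array $server): string {
    if (!empty($server['HTTP_X_FORWARDED_FOR'])) {
        return $server['HTTP_X_FORWARDED_FOR'];
    }
    return $server['REMOTE_ADDR'];
}

function buildLogQuery_vulnerable(string $ip): string {
    return "INSERT INTO failed_access (ip, ts) VALUES ('" . $ip . "', NOW())";
}

// Hardened shape: honour the header only when the TCP peer is a known proxy,
// take the first hop of the comma-separated chain, and accept it only if it
// parses as an IP literal; otherwise fall back to REMOTE_ADDR.
function getUserIP_hardened(array $server, array $trustedProxies): string {
    $remote = $server['REMOTE_ADDR'] ?? '';
    if (in_array($remote, $trustedProxies, true) && !empty($server['HTTP_X_FORWARDED_FOR'])) {
        $first = trim(explode(',', $server['HTTP_X_FORWARDED_FOR'])[0]);
        if (filter_var($first, FILTER_VALIDATE_IP) !== false) {
            return $first;
        }
    }
    return $remote;
}

// Even a validated IP should travel as a bound parameter, never as query text.
// Not called here: requires a live database connection.
function logFailedAccess(mysqli $db, string $ip): bool {
    $stmt = $db->prepare('INSERT INTO failed_access (ip, ts) VALUES (?, NOW())');
    $stmt->bind_param('s', $ip);
    return $stmt->execute();
}

// Constructed request: the header carries a SQL injection payload.
$fakeServer = [
    'REMOTE_ADDR'          => '203.0.113.7',
    'HTTP_X_FORWARDED_FOR' => "1.2.3.4', NOW()); DROP TABLE failed_access; -- ",
];

// The payload lands verbatim inside the query text.
echo buildLogQuery_vulnerable(getUserIP_vulnerable($fakeServer)), PHP_EOL;

// 203.0.113.7 is not a trusted proxy, so the header is ignored entirely.
echo getUserIP_hardened($fakeServer, ['10.0.0.1']), PHP_EOL;

// Same header from a trusted proxy: the first hop fails FILTER_VALIDATE_IP,
// so the function falls back to the proxy's REMOTE_ADDR instead of the payload.
$fakeServer['REMOTE_ADDR'] = '10.0.0.1';
echo getUserIP_hardened($fakeServer, ['10.0.0.1']), PHP_EOL;
```

Run with `php` on the command line. The two fixes are independent: validating the header stops the spoofing weakness (OSVDB 87033) only for the trusted-proxy case, while the prepared statement removes the SQL injection (OSVDB 87027/87028) regardless of what the header contains, so both belong in a patch.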
