Re: CVE request: PHP-Fusion waraxe-2013-SA#097

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/02/2013 05:02 PM, Henri Salo wrote:
> Hello list,
>
> Can I get CVEs for vulnerabilities fixed in PHP-Fusion version
> 7.02.06, thanks.
>
> http://www.waraxe.us/advisory-97.html waraxe-2013-SA#097

Ok grouped these into the 5 sets of vulns:

> OSVDB ID    title 90714     PHP-Fusion /downloads.php orderby
> Parameter SQL Injection 90713     PHP-Fusion /forum/postedit.php
> delete_attach_* Parameter SQL Injection 90712     PHP-Fusion
> /forum/postnewthread.php poll_opts Parameter SQL Injection 90711
> PHP-Fusion /administration/settings_messages.php Multiple Parameter
> SQL Injection 90710     PHP-Fusion
> /administration/settings_photo.php Multiple Parameter SQL Injection
>  90709     PHP-Fusion /administration/bbcodes.php enable Parameter
> SQL Injection 90695     PHP-Fusion /administration/news.php
> Multiple Parameter SQL
Injection
> 90693     PHP-Fusion /administration/articles.php article_id
Parameter SQL Injection
> 90359     PHP-Fusion includes/classes/Authenticate.class.php
Multiple Cookie SQL Injection

Please use CVE-2013-1803 for these issues.

> 90708     PHP-Fusion /forum/viewthread.php highlight Parameter XSS
>  90707     PHP-Fusion /messages.php Multiple Parameter XSS 90706
> PHP-Fusion /infusions/shoutbox_panel/shoutbox_admin.php message
> Parameter XSS 90705     PHP-Fusion /administration/news.php message
> Parameter XSS 90704     PHP-Fusion /administration/panel_editor.php
> panel_list Parameter XSS 90703     PHP-Fusion
> /administration/phpinfo.php User-Agent HTTP Header XSS 90702
> PHP-Fusion /administration/bbcodes.php __BBCODE__ Parameter XSS 
> 90701     PHP-Fusion /administration/article_cats.php Multiple
> Parameter XSS 90700     PHP-Fusion
> /administration/download_cats.php Multiple Parameter XSS 90699
> PHP-Fusion /administration/news_cats.php Multiple Parameter XSS 
> 90698     PHP-Fusion /administration/weblink_cats.php Multiple
> Parameter XSS 90697     PHP-Fusion /administration/articles.php
> Multiple Parameter XSS

Please use CVE-2013-1804 for these issues.

> 90696     PHP-Fusion /administration/db_backup.php file Parameter
> Traversal Arbitrary File Deletion

Please use CVE-2013-1805 for these issues.

> 90694     PHP-Fusion /maincore.php user_theme Parameter Traversal
> Local File Inclusion 90692     PHP-Fusion
> /administration/user_fields.php enable Parameter Traversal Local
> File Inclusion

Please use CVE-2013-1806 for these issues.

> 90691     PHP-Fusion /administration/db_backup.php Database Backup
> Direct Request Information Disclosure

Please use CVE-2013-1807 for these issues.

> -- Henri Salo


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRMrYHAAoJEBYNRVNeJnmTCiwP/AnADFWBxSi7WZgdordsi2et
QxJEWJ6b20KCgDTTCNwrIkHgVuEptiLZBAdyb8vHGJH34s/2WOPBrb6cTybXhQMf
hgnjhRGOuk8i29Z8bG1eQxilfiyckmklLNITnfmWdSTI+o0ZwGNpxvfuE5lCCPMM
+T1gVp1GEx9+pbFTj9W3Ud/Rfozq4ESBqhG3gk1D5iG57yPKstpeS6m9HDMzD1ou
YVEH9QeqwUgxQHJ5EVV3ovs2zrHbNpoTOdS2Bqdm2P2xuQCXxwJQFquii9DC0FMb
HFdysguYxTBXBkFrV4YpPXGdpSGYkazsCb6WMjC7886FDOKH+LMZoDK5mY++sLr0
6AUtoc1L+X5KvpIrod2BUS4QMt4P6yJIndxkG+dvWUZWbjHReQjBwHNOtttnXRAd
vOpwxzu8rzxZVErentXXu+04nffcjaxPmnngoQCH6nwf+wwjyOdCqW0hnSopa6zm
RHp7X6kGuuXDUVELRI7seuUcCOnY2eCwlSe+rzMZZjtqlwovCW9Gpi0MhwK9YF1c
VXCVIi6jtJbFwPS9s5JKCaqV0hFyfvUi2gmuMehmAREtBGyMINX93i4lY2Kz8SId
bBQJH/hdpZsiAUZ295fbDuIEO9CvNKWOPm+cI7bujGh14deuBH48rlU62MhHlbbs
US+dX4d0lZe0DkK81o65
=KrvT
-----END PGP SIGNATURE-----