oss-sec mailing list archives
CVE request: Fat Free CRM multiple vulnerabilities
From: Henri Salo <henri () nerv fi>
Date: Sat, 28 Dec 2013 09:16:26 +0200
Can I get four 2013 CVE identifiers for the following Fat Free CRM issues, thanks.

Advisory:
http://www.phenoelit.org/stuff/ffcrm.txt
http://seclists.org/fulldisclosure/2013/Dec/199

Notification to vendor:
https://github.com/fatfreecrm/fat_free_crm/issues/300

New versions 0.13.0 and 0.12.1 released:
https://github.com/fatfreecrm/fat_free_crm/wiki/Fixing-security-vulnerabilities-%2827th-Dec-2013%29

Issues:
1. Known Session Secret
2. Lack of CSRF Protection
3. Default to_json for models
4. Multiple SQL Injections

---
Henri Salo