MITRE CVE Numbering Authority

I ‘m proud to announce that “MITRE CVE Numbering Authority” has assigned me eleven (11) CVE numbers for vulnerabilities that I’ve discovered in last days. In details:

DFLabs PTK <= 1.0.5:

  • CVE-2012-1415 for Multiple Vulnerabilities (Steal Authentication Credentials)

Fork CMS <= 3.2.5:

  • CVE-2012-1306 for “Delete Admins or Users” and “Delete Web Pages” issues.
  • CVE-2012-1307 for “poor logic to manage sessions” form_token issue.
  • CVE-2012-1304 for XSS into private/en/blog/settings and private/en/users/index issues.
  • CVE-2012-1305 for XSS into private/en/pages/settings issue.

D-Link DSL-2640B (ADSL Router):

  • CVE-2012-1308 for CSRF Vulnerability
  • CVE-2012-1309 for Authentication Bypass

 ContaoCMS (fka TYPOlight) <= 2.11:

  • CVE-2012-1297 for CSRF (Delete Admin- Delete Article)

SyndeoCMS <= 3.0:

  • CVE-2012-1203 for CSRF Vulnerability

SocialCMS <= 1.0.2:

  • CVE-2012-1416 for CSRF Vulnerabilities

PlumeCMS <= 1.2.4:

  • CVE-2012-1414 for CSRF Vulnerability

Secunia – Contao cms (fka TYPOlight) CSRF Vulnerability

Secunia has published my new security Adsvisory regarding a new vulnerability found in latest release (and lower) of Contao CMS(fka TYPOlight). This vulnerability allows an attacker to delete administrator/users, articles, news, newsletter andmodify many other parameters.

To read Secunia’s Advisory:
http://secunia.com/advisories/48180/

To learn more about my Original Advisory:

http://ivanobinetti.blogspot.com/2012/02/contaocms-fka-typolight-211-csrf-delete.html

Secunia – Webfolio cms CSRF Vulnerability

Today Secunia published a my security Adsvisory regarding a new vulnerability found in Webfolio CMS which allows to add a new administrator account, modify published web pages and change many other parameters of latest release (and below) of Webfolio CMS.

To read Secunia’s Advisory:
http://secunia.com/advisories/48190

For know more about my original Advisory:
http://ivanobinetti.blogspot.com/2012/02/webfoliocms-114-csrf-add-adminmodify.html

WebfolioCMS <= 1.1.4 CSRF (Add Admin/Modify Pages)

Today I’ve discovered a new CSRF vulnerability which affects WebfolioCMS 1.1.4 (and lower) and which allows to modify any parameter. In my Advisory I’ve demonstrated how to add a new administrator account and how to modify a published web page.

Download my Original Advisory

Some other pubblication related to this vulnerability:
http://packetstormsecurity.org/files/110294/WebfolioCMS-1.1.4-Cross-Site-Request-Forgery.html
http://www.exploit-db.com/exploits/18536/
http://osvdb.org/show/osvdb/79658

IBM X-Force published my SyndeoCMS Advisory

Yesterday IBM X-Force published my Advisory regarding a new CSRF vulneability that I’ve found in SyndeoCMS http://ivanobinetti.blogspot.com/2012/02/syndeocms-30-csrf-vulnerability.html
This vulnerability allows an attacker to change administrator password and gain access to the system.

IBM classified this vulnerability as “Highly Exploitable”.

For more details about IBM X-Force publication:
http://xforce.iss.net/xforce/xfdb/73319

ContaoCMS (fka TYPOlight) 2.11 CSRF (Delete Admin- Delete Article)

ContaoCMS (fka TYPOlight) 2.11 version (and lower) in affected by a CSRF vulnerability which allows to delete administrator/users, delete article, news, newsletter and so on.
I’ve created an Advisory describing this vulnerability and the methods to exploit it:
ContaoCMS Ivano Binetti’s Advisory

Other web sites have reported my security Advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297
http://osvdb.org/show/osvdb/79635
http://packetstormsecurity.org/files/110214/ContaoCMS-2.11.0-Cross-Site-Request-Forgery.html
http://www.exploit-db.com/exploits/18527/
http://secunia.com/advisories/48180/
http://www.securelist.com/en/advisories/48180
http://xforce.iss.net/xforce/xfdb/73479
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1297
https://bugs.launchpad.net/bugs/cve/2012-1297
http://cxsecurity.com/cveshow/CVE-2012-1297/
http://www.cvedetails.com/cve/CVE-2012-1297/

 

 

IBM X-Force published my PlumeCMS Advisory

Few days ago I discovered a new CSRF vulnerability (http://ivanobinetti.blogspot.com/2012/02/plumecms-124-csrf-0day-vulnerability.html which affects all versions – included latest (1.2.4) – of Pluse CMS.
Today IBM X-Force published my Advisory and classified the “Exploitability:” of this vulnerability as “High”.
Fore more details:
http://xforce.iss.net/xforce/xfdb/73317