This report is an analysis of all published vulnerabilities in any product, weaknesses in technologies, exploits Internet wide, current internet threats associated with platforms and products our customers use, and if any action was required to protect their assets from these these vulnerabilities, weaknesses and exploits depending on the Atomicorp product(s) they are using. When action is required, a separate report is posted on that day.
Please see this forum post for an explanation of the categories used in this report.
CVEs are sometimes created after a vulnerability is published (sometimes far after it has been made public). When CVEs are referenced, it is because a CVE was created today, not because an issue was resolved today, and it is included here for reference.
ASL users
Summary: No update required. ASL systems were already immune to all published vulnerabilities this week.
Already protected against/Known Method/No update required
Bitcoin MLM Software 1.0.2 Cross Site Scripting
Entrepreneur Dating Script 2.0.2 SQL Injection
Facebook Clone Script 1.0.5 Cross Site Scripting
Joomla! jLike 1.0 Information Leak
Joomla! JSP Tickets 1.1 SQL Injection
Joomla! Zh BaiduMap 3.0.0.1 SQL Injection
Joomla! Zh GoogleMap 8.4.0.0 SQL Injection
Joomla! Zh YandexMap 6.2.1.0 SQL Injection
Lawyer Search Script 1.0.2 Cross Site Scripting
Matrimonial Website Script 2.1.6 SQL Injection
Multi Language Olx Clone Script 2.0.7 Cross Site Scripting
Multilanguage Real Estate MLM Script 3.0 Cross Site Scripting
Multi Religion Responsive Matrimonial 4.7.2 Cross Site Scripting
Naukri Clone Script 3.0.3 Cross Site Scripting
Naukri Clone Script 3.0.3 SQL Injection
Online Test Script 2.0.7 SQL Injection
Paypal / Money Transfer Clone Script 1.0.9 SQL Injection
PHP Scripts Mall Doctor Search Script 1.0.2 Cross Site Scripting
Readymade Video Sharing Script 3.2 SQL Injection
Red Hat Security Advisory 2018-0294-01
Schools Alert Management Script 2.0.2 Arbitrary File Upload / Remote Code Execution
Student Profile Management System Script 2.0.6 SQL Injection
WordPress Bookly Lite 13.2 Cross Site Scripting
New Method/Update Available
No updates required for vulnerabilities released this week.
Doesnt protect against/Solution
None.
Potential Vulnerability/Solution
None.
Rules only users
Summary:
No update required.
Already protected against/Known Method/No update required
Bitcoin MLM Software 1.0.2 Cross Site Scripting
Entrepreneur Dating Script 2.0.2 SQL Injection
Facebook Clone Script 1.0.5 Cross Site Scripting
Joomla! jLike 1.0 Information Leak
Joomla! JSP Tickets 1.1 SQL Injection
Joomla! Zh BaiduMap 3.0.0.1 SQL Injection
Joomla! Zh GoogleMap 8.4.0.0 SQL Injection
Joomla! Zh YandexMap 6.2.1.0 SQL Injection
Lawyer Search Script 1.0.2 Cross Site Scripting
Matrimonial Website Script 2.1.6 SQL Injection
Multi Language Olx Clone Script 2.0.7 Cross Site Scripting
Multilanguage Real Estate MLM Script 3.0 Cross Site Scripting
Multi Religion Responsive Matrimonial 4.7.2 Cross Site Scripting
Naukri Clone Script 3.0.3 Cross Site Scripting
Naukri Clone Script 3.0.3 SQL Injection
Online Test Script 2.0.7 SQL Injection
Paypal / Money Transfer Clone Script 1.0.9 SQL Injection
PHP Scripts Mall Doctor Search Script 1.0.2 Cross Site Scripting
Readymade Video Sharing Script 3.2 SQL Injection
Red Hat Security Advisory 2018-0294-01
Schools Alert Management Script 2.0.2 Arbitrary File Upload / Remote Code Execution
Student Profile Management System Script 2.0.6 SQL Injection
WordPress Bookly Lite 13.2 Cross Site Scripting
New Method/Update Available
No updates required for vulnerabilities released this week.
Doesnt protect against/Solution
None this week.
Potential Vulnerability/Solution
None this week.