Threat/Vulnerability report week of February 5th

Security annoucements of interest to the AtomiCorp community, such as vulnerabilities in third party applications.
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Threat/Vulnerability report week of February 5th

Unread post by mikeshinn »

This report is an analysis of all published vulnerabilities in any product, weaknesses in technologies, exploits Internet wide, current internet threats associated with platforms and products our customers use, and if any action was required to protect their assets from these these vulnerabilities, weaknesses and exploits depending on the Atomicorp product(s) they are using. When action is required, a separate report is posted on that day.

Please see this forum post for an explanation of the categories used in this report.

CVEs are sometimes created after a vulnerability is published (sometimes far after it has been made public). When CVEs are referenced, it is because a CVE was created today, not because an issue was resolved today, and it is included here for reference.

ASL users

Summary: No update required. ASL systems were already immune to all published vulnerabilities this week.

Already protected against/Known Method/No update required

Bitcoin MLM Software 1.0.2 Cross Site Scripting
Entrepreneur Dating Script 2.0.2 SQL Injection
Facebook Clone Script 1.0.5 Cross Site Scripting
Joomla! jLike 1.0 Information Leak
Joomla! JSP Tickets 1.1 SQL Injection
Joomla! Zh BaiduMap 3.0.0.1 SQL Injection
Joomla! Zh GoogleMap 8.4.0.0 SQL Injection
Joomla! Zh YandexMap 6.2.1.0 SQL Injection
Lawyer Search Script 1.0.2 Cross Site Scripting
Matrimonial Website Script 2.1.6 SQL Injection
Multi Language Olx Clone Script 2.0.7 Cross Site Scripting
Multilanguage Real Estate MLM Script 3.0 Cross Site Scripting
Multi Religion Responsive Matrimonial 4.7.2 Cross Site Scripting
Naukri Clone Script 3.0.3 Cross Site Scripting
Naukri Clone Script 3.0.3 SQL Injection
Online Test Script 2.0.7 SQL Injection
Paypal / Money Transfer Clone Script 1.0.9 SQL Injection
PHP Scripts Mall Doctor Search Script 1.0.2 Cross Site Scripting
Readymade Video Sharing Script 3.2 SQL Injection
Red Hat Security Advisory 2018-0294-01
Schools Alert Management Script 2.0.2 Arbitrary File Upload / Remote Code Execution
Student Profile Management System Script 2.0.6 SQL Injection
WordPress Bookly Lite 13.2 Cross Site Scripting



New Method/Update Available

No updates required for vulnerabilities released this week.

Doesnt protect against/Solution

None.

Potential Vulnerability/Solution

None.

Rules only users

Summary:

No update required.

Already protected against/Known Method/No update required

Bitcoin MLM Software 1.0.2 Cross Site Scripting
Entrepreneur Dating Script 2.0.2 SQL Injection
Facebook Clone Script 1.0.5 Cross Site Scripting
Joomla! jLike 1.0 Information Leak
Joomla! JSP Tickets 1.1 SQL Injection
Joomla! Zh BaiduMap 3.0.0.1 SQL Injection
Joomla! Zh GoogleMap 8.4.0.0 SQL Injection
Joomla! Zh YandexMap 6.2.1.0 SQL Injection
Lawyer Search Script 1.0.2 Cross Site Scripting
Matrimonial Website Script 2.1.6 SQL Injection
Multi Language Olx Clone Script 2.0.7 Cross Site Scripting
Multilanguage Real Estate MLM Script 3.0 Cross Site Scripting
Multi Religion Responsive Matrimonial 4.7.2 Cross Site Scripting
Naukri Clone Script 3.0.3 Cross Site Scripting
Naukri Clone Script 3.0.3 SQL Injection
Online Test Script 2.0.7 SQL Injection
Paypal / Money Transfer Clone Script 1.0.9 SQL Injection
PHP Scripts Mall Doctor Search Script 1.0.2 Cross Site Scripting
Readymade Video Sharing Script 3.2 SQL Injection
Red Hat Security Advisory 2018-0294-01
Schools Alert Management Script 2.0.2 Arbitrary File Upload / Remote Code Execution
Student Profile Management System Script 2.0.6 SQL Injection
WordPress Bookly Lite 13.2 Cross Site Scripting


New Method/Update Available

No updates required for vulnerabilities released this week.

Doesnt protect against/Solution

None this week.

Potential Vulnerability/Solution

None this week.
Post Reply