Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: LetoDMS, more issues
From: Raphael Geissert <geissert () debian org>
Date: Fri, 5 Oct 2012 23:11:36 -0500

Hi,

Some more issues were fixed in LetoDMS...

* Fixed in 3.3.8
Multiple XSS:
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/inc/inc.ClassUI.php?r1=930&r2=929&pathrev=930
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/out.DocumentNotify.php?r1=934&r2=933&pathrev=934
(and a few others scattered in multiple other commits)
Missing CSRF protection (all part of the same thing):
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=927
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=915
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=914
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=907
(and possibly some others...)

* Fixed in 3.3.9
Multiple XSS in out/out.UsrMgr.php: 
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/out.UsrMgr.php?r1=979&r2=978&pathrev=979
Regression in the above patch (fixed after the release of 3.3.9):
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/out.UsrMgr.php?r1=982&r2=981&pathrev=982

LetoDMS Core:
* Fixed in 3.3.8:
SQL injection:
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/LetoDMS_Core/Core/inc.ClassDMS.php?r1=929&r2=928&pathrev=929

etc

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]