Top Five Web Application Vulnerabilities 9/2/08 - 9/14/08

1) Joomla! Multiple Remote Vulnerabilities and Weaknesses

Joomla! is susceptible to multiple remote vulnerabilities which are exploitable via a browser. Remote attackers can leverage these issues to conduct phishing attacks, redirect victims to attacker-controlled sites, and send unsolicited spam. Other attacks are also possible. An update which addresses these issues has been released. Contact the vendor for more details.

http://www.securityfocus.com/bid/31103/

2) Google Chrome Remote Denial of Service Vulnerability

Google Chrome is susceptible to a remote denial of service vulnerability because of insufficient sanitization of user-supplied input. Attackers can exploit this issue to deny access to legitimate users. An update which addresses this issue has been released. Contact the vendor for further information.

http://www.securityfocus.com/bid/30983

3) @Mail and @Mail WebMail Multiple Cross-Site Scripting Vulnerabilities

@Mail and @Mail WebMail are susceptible to multiple Cross-Site Scripting vulnerabilities. If successfully exploited, these vulnerabilities could allow an attacker to steal confidential information and cookie-based authentication credentials, and possibly lead to execution of arbitrary code in the browser of an unsuspecting user. Fixes which address these issues have not yet been released. Contact the vendor for additional details.

http://www.securityfocus.com/bid/30992

4) Horde Application Framework Forward Slash Insufficient Filtering Cross-Site Scripting Vulnerability

Horde Application Framework is susceptible to a Cross-Site Scripting vulnerability. This vulnerability can be exploited to execute code in the browser of an unsuspecting user and steal cookie-based authentication credentials. Updates which address this issue have been released. Contact the vendor for further details.

http://www.securityfocus.com/bid/31107

5) phpAdultSite CMS 'results_per_page' Parameter Cross-Site Scripting Vulnerability

phpAdultSite CMS is susceptible to a Cross-Site Scripting vulnerability. An attacker can leverage this issue to execute script code in the browsers of unsuspecting users in the context of the affected application, possibly leading to theft of authentication credentials and other attacks. A fix for this issue has yet to be released. Contact the vendor for more information.

http://www.securityfocus.com/bid/31057


Posted 09-15-2008 8:10 PM by mark.painter