Author Topic: Exploits - gefährlich? Fixed? (Read 3924 times)

.Infecto · « **on:** December 07, 2015, 01:33:27 AM »

Hallo zusammen,

ich bin im Web auf folgendes gestossen:

Betrifft 4images 1.7.11, 1.7.12
Allgemein: https://blog.curesec.com/

Quote

VulDB: 4images bis 1.7.11 admin/categories.php cat_description Cross Site Scripting
http://www.scip.ch/?vuldb.78256

Quote

4images 1.7.11 ( Ddos / Flood ) Exploit
https://www.youtube.com/watch?v=mKqnfqkgkfA

Quote

4images 1.7.11: Code Execution Exploit
https://blog.curesec.com/article/blog/4images-1711-Code-Execution-Exploit-117.html

Quote

4images 1.7.11 File Inclusion
https://packetstormsecurity.com/files/132335/4images-1.7.11-File-Inclusion.html

Quote

4images 1.7.11 Cross Site Scripting
https://packetstormsecurity.com/files/133712/4images-1.7.11-Cross-Site-Scripting.html

Quote

4images 1.7.11: Code Execution
https://blog.curesec.com/article/blog/4images-1711-Code-Execution-105.html

Quote

4images 1.7.12: XSS
https://blog.curesec.com/article/blog/4images-1712-XSS-110.html

Rembrandt · « **Reply #1 on:** December 07, 2015, 05:14:28 AM »

Hast du auch gelesen was darunter steht?

Quote

6. Solution
To mitigate this issue please upgrade at least to version 1.7.13:
http://www.4homepages.de/download-4images

.Infecto · « **Reply #2 on:** December 07, 2015, 01:46:07 PM »

Ne, überlesen.
Ok, danke!

4images Forum & Community