| Anonymous | Login | Signup for a new account | 2018-12-15 15:52 UTC |  |
| My View | View Issues | Change Log | Roadmap | Repositories | My Account |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0000286 | WeBid | [All Projects] General | public | 2011-06-22 14:26 | 2011-08-14 13:12 | ||||
| Reporter | EgiX | ||||||||
| Assigned To | |||||||||
| Priority | @0@ | Severity | minor | Reproducibility | have not tried | ||||
| Status | resolved | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | 1.0.2 | ||||||||
| Target Version | Fixed in Version | 1.0.3 | |||||||
| Summary | 0000286: Multiple Security Vulnerabilities | ||||||||
| Description | Hi, I'm EgiX. I found some security vulnerabilities in WebId (I've tested only 1.0.2 version). I've tried to report this issues through "Contact Us" form, but I haven't received replies. So yesterday I've posted my issues to the http://sourceforge.net/apps/mantisbt/simpleauction/view.php?id=34" [^" title="]bugtrack">]bugtrack. I think this are critical security flaws, so I decided not to publish exploits in the absence of a patch but a responsible disclosure to you. | ||||||||
| Tags | No tags attached. | ||||||||
| import_id | 288 | ||||||||
| Thread | |||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0000744) EgiX (reporter) 2011-06-22 14:45 edited on: 1970-01-01 00:00 |
I noticed that http://www.autosectools.com/Advisory/WeBid-0.8.5P1-Local-File-Inclusion-63" [^" title="]this vulnerability ">]this vulnerability (found in 0.8.5P1 version) Isn't still patched, the vulnerable code is: |
|
(0000749) renlok (administrator) 2011-06-22 22:08 edited on: 1970-01-01 00:00 |
Cheers for posting this ive posted fixed at http://www.webidsupport.com/forums/showthread.php?3892-Important-security-patches&p=19598#post19598[/url] [^] but when im on my computer ill upload a new package with all the fixes included |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2015-04-01 13:17 | renlok | New Issue | |
| 2015-04-01 13:17 | renlok | import_id | => 288 |
| 2015-04-01 13:17 | renlok | Date Submitted | 2015-04-01 13:17 => 2011-06-22 14:26 |
| 2015-04-01 13:17 | renlok | Last Update | 2015-04-01 13:17 => 2011-08-14 13:12 |
|
Issue History |
| Copyright © 2000 - 2018 MantisBT Team |
|