[KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability

2013-01-29 Thread Egidio Romano
nce: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1412 to this vulnerability. • Credits: Vulnerability discovered by Egidio Romano. • Original Advisory: http://karmainsecurity.com/KIS-2013-01

[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability

2013-02-06 Thread Egidio Romano
oject (cve.mitre.org) has assigned the name CVE-2013-1465 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-02

[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability

2013-02-28 Thread Egidio Romano
assigned the name CVE-2013-1453 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-03

[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability

2013-04-29 Thread Egidio Romano
13] - Vendor update released [26/04/2013] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3242 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-04

[KIS-2013-05] vtiger CRM <= 5.4.0 (customerportal.php) Two Local File Inclusion Vulnerabilities

2013-08-01 Thread Egidio Romano
org) has assigned the name CVE-2013-3212 to these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-05

[KIS-2013-07] vtiger CRM <= 5.4.0 (vtigerolservice.php) PHP Code Injection Vulnerability

2013-08-01 Thread Egidio Romano
3/2013] - Vendor patch released [18/04/2013] - CVE number requested [20/04/2013] - CVE number assigned [01/08/2013] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3214 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-07

[KIS-2013-08] vtiger CRM <= 5.4.0 (SOAP Services) Authentication Bypass Vulnerability

2013-08-01 Thread Egidio Romano
-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3215 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-08

[KIS-2013-06] vtiger CRM <= 5.4.0 (SOAP Services) Multiple SQL Injection Vulnerabilities

2013-08-01 Thread Egidio Romano
[06/02/2013] - Vendor asked feedback about http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/13848 [05/03/2013] - Feedback provided to the vendor [26/03/2013] - Vendor patch released [18/04/2013] - CVE number requested [20/04/2013] - CVE number assigned [01/08/2013] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3213 to these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-06

[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability

2013-10-07 Thread Egidio Romano
imeline: [02/03/2013] - Vendor notified [22/03/2013] - Version 2.0.18.6 released: http://git.io/7EXdpQ [10/05/2013] - CVE number assigned [07/10/2013] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3528 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-09

[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability

2013-12-08 Thread Egidio Romano
r still no official solution available [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1349 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-10

[KIS-2014-05] Dotclear <= 2.6.2 (XML-RPC Interface) Authentication Bypass Vulnerability

2014-05-22 Thread Egidio Romano
disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3781 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-05

[KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability

2014-05-22 Thread Egidio Romano
its: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-06

[KIS-2014-07] Dotclear <= 2.6.2 (categories.php) SQL Injection Vulnerability

2014-05-22 Thread Egidio Romano
r requested [19/05/2014] - CVE number assigned [21/05/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3783 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-07

[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability

2014-07-14 Thread Egidio Romano
Vendor replied there's no need to alert its users because the vulnerability is very weak [14/07/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3990 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-08

[KIS-2014-09] X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability

2014-09-24 Thread Egidio Romano
http://x2community.com/?showtopic=1804 [01/08/2014] - CVE number requested [16/08/2014] - CVE number assigned [05/09/2014] - Version 4.2 released [23/09/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-52

[KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability

2014-09-24 Thread Egidio Romano
mon Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-5298 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-10

[KIS-2014-11] TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability

2014-10-24 Thread Egidio Romano
/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-8081 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-11

[KIS-2014-12] TestLink <= 1.9.12 (database.class.php) Path Disclosure Weakness

2014-10-24 Thread Egidio Romano
rg) has assigned the name CVE-2014-8082 to this weakness. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-12

[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability

2014-11-27 Thread Egidio Romano
assigned the name CVE-2014-8791 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-13

[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability

2014-12-31 Thread Egidio Romano
3 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-14

[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability

2014-12-31 Thread Egidio Romano
pdate to version 3.4.3 or later. [-] Disclosure Timeline: [29/09/2014] - Vendor notified [29/09/2014] - Vendor response [09/10/2014] - Version 3.4.3 released: http://blog.osclass.org/2014/10/09/osclass-3-4-3 [09/10/2014] - CVE number requested [11/10/2014] - CVE number assigned [31/12/2014] - Pub

[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability

2014-12-31 Thread Egidio Romano
[31/12/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-8085 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-16

[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability

2014-12-31 Thread Egidio Romano
[-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-7146 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-18

[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability

2014-12-31 Thread Egidio Romano
ssigned the name CVE-2014-7285 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano, Secunia Research. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-19

[KIS-2016-07] SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability

2016-06-24 Thread Egidio Romano
The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-07

[KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities

2016-06-24 Thread Egidio Romano
abilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-04

[KIS-2016-05] SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities

2016-06-24 Thread Egidio Romano
-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-05

[KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability

2016-06-24 Thread Egidio Romano
olution is currently available against the SSRF and XSS attack vectors. [-] Disclosure Timeline: [15/10/2014] - Vendor notified [15/12/2014] - Version 6.5.19 CE released: http://bit.do/sugar6519 [29/04/2015] - CVE number requested [23/06/2016] - Public disclosure [-] CVE Reference: T

[KIS-2016-08] Concrete5 <= 5.7.3.1 Multiple Cross-Site Request Forgeries Vulnerabilities

2016-06-28 Thread Egidio Romano
The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-08 [-] Other References: https://hackerone.

[KIS-2016-09] Concrete5 <= 5.7.3.1 Multiple Stored Cross-Site Scripting Vulnerabilities

2016-06-28 Thread Egidio Romano
;post('msgstr')); } User input passed through the "msgstr" POST parameter is not properly sanitized before being stored. This can be exploited by an authenticated attacker to permanently store arbitrary script code within the database, which might be executed by another user while browsing to the "Translate Site Interface" page. NOTE: the vulnerability can be exploited only by authenticated users, however an attacker can leverage a CSRF vulnerability related to the "Translate Site Interface" page. [-] Solution: Update to a fixed version. [-] Disclosure Timeline: [05/05/2015] - Vulnerabilities details sent through HackerOne [02/10/2015] - CVE number requested [28/12/2015] - Vendor said the vulnerabilities should be fixed in the upstream [26/06/2016] - Vulnerabilities publicly disclosed on HackerOne [28/06/2016] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-09 [-] Other References: https://hackerone.com/reports/59662

[KIS-2016-10] Concrete5 <= 5.7.3.1 (Application::dispatch) Local File Inclusion Vulnerability

2016-06-28 Thread Egidio Romano
advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-10 [-] Other References: https://hackerone.com/reports/59665

[KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability

2016-07-07 Thread Egidio Romano
er assigned [07/07/2016] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2016-6174 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-11

[KIS-2015-01] Concrete5 <= 5.7.3.1 (sendmail) Remote Code Execution Vulnerability

2015-06-11 Thread Egidio Romano
isory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a name to this vulnerability yet. [-] Credits: Vulnerability discovered by Egidio Romano of Minded Security. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-01 [-] Other References: https://hackerone.com/reports/59663

[KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities

2015-06-11 Thread Egidio Romano
Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities [-] Software Link: https://www.concrete5.org/ [-] Affected Vers

[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability

2015-06-11 Thread Egidio Romano
4] - CVE number requested [11/06/2014] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a name to this vulnerability yet. [-] Credits: Vulnerability discovered by Egidio Romano of Minded Security. [-] O

[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability

2015-09-11 Thread Egidio Romano
E number assigned [11/09/2015] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-6497 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano of Minded Security. [-] Original Advisory:

[KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability

2015-11-05 Thread Egidio Romano
-9752 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-05

[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability

2015-11-05 Thread Egidio Romano
er requested [05/10/2015] - CVE number assigned [04/11/2015] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-9753 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-06

[KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability

2015-11-05 Thread Egidio Romano
er requested [05/10/2015] - CVE number assigned [06/10/2015] - After one year still no official solution available [04/11/2015] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-7712 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-08

[KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability

2015-11-05 Thread Egidio Romano
e.mitre.org) has assigned the name CVE-2015-7711 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-07

[KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability

2015-11-05 Thread Egidio Romano
angelog/piwik-2-15-0 [04/11/2015] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-7815 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-09

[KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability

2015-11-05 Thread Egidio Romano
-2015-7816 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-10

[KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability

2016-01-15 Thread Egidio Romano
n updated [01/12/2015] - CVE number requested [01/12/2015] - CVE number assigned [12/01/2016] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-8379 to this vulnerability. [-] Credits: Vulnerability discove

[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability

2016-02-24 Thread Egidio Romano
re in RSS feed) have been accepted and you will be receiving a bounty of USD $9,000." [02/02/2016] - CVE number assigned [12/02/2016] - Bug bounty received [23/02/2016] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2016-2212 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-02

[KIS-2018-01] Oracle Application Express (AnyChart) Flash-based Cross-Site Scripting Vulnerability

2018-12-31 Thread Egidio Romano
16/01/2018] - Oracle fixed the issue in the January Critical Patch Update (CPU) [31/12/2018] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2018-2699 to this vulnerability. [-] Credits: Vulnerability discove

[KIS-2018-02] SugarCRM (WorkFlow module) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-

[KIS-2018-03] SugarCRM (portal_get_related_notes) SQL Injection Vulnerability

2018-12-31 Thread Egidio Romano
t assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2018-03 [-] Other References: https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2018-003/

[KIS-2018-04] SugarCRM (ConnectorsController) Server-Side Request Forgery Vulnerability

2018-12-31 Thread Egidio Romano
- Fixed versions released and security advisory published [31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio R

[KIS-2018-06] SugarCRM (addLabels) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
ublished [31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecu

[KIS-2018-05] SugarCRM (SaveDropDown) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
s advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2018-05 [-] Other Referenc

[KIS-2018-07] SugarCRM (Web Logic Hooks module) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
ublished [31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecu

[KIS-2018-08] SugarCRM (Web Logic Hooks module) Path Traversal Vulnerability

2018-12-31 Thread Egidio Romano
published [31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainse