CVE-2013-1852
published 2014-02-05CVE-2013-1852: SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL…
PriorityP349high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
5.23%
91.5th percentile
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Affected
73 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kolja_schleich | leaguemanager | <= 3.8 | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
| kolja_schleich | leaguemanager | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2013-4461 cumin: filtering table operator not checked, leads to potential SQLi
bugzilla·2013-10-07·CVSS 7.5
CVE-2013-4461 [HIGH] CVE-2013-4461 cumin: filtering table operator not checked, leads to potential SQLi
CVE-2013-4461 cumin: filtering table operator not checked, leads to potential SQLi
A flaw was found in the way cumin parsed POST request data. A remote attacker could potentially use this flaw to perform SQL injection attacks on cumin's database.
Discussion:
Acknowledgements:
This issue was discovered by Tomáš Nováčik of the Red Hat MRG Quality Engineering team.
---
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2013:1852 https://rhn.redhat.com/errata/RHSA-2013-1852.html
---
This issue has been addressed in following products:
MRG for RHEL-5 v. 2
Via RHSA-2013:1851 https://rhn.redhat.com/errata/RHSA-2013-1851.html
Bugzilla
CVE-2013-4414 cumin: non-persistent XSS possible due to not escaping set limit form input
bugzilla·2013-08-19·CVSS 4.3
CVE-2013-4414 [MEDIUM] CVE-2013-4414 cumin: non-persistent XSS possible due to not escaping set limit form input
CVE-2013-4414 cumin: non-persistent XSS possible due to not escaping set limit form input
It was found that cumin did not properly escape input from the "Max allowance" field in the "Set limit" form of the cumin web interface. A remote attacker could use this flaw to perform cross-site scripting (XSS) attacks against victims by tricking them into visiting a specially crafted URL.
Discussion:
Acknowledgements:
This issue was discovered by Tomáš Nováčik of the Red Hat MRG Quality Engineering team.
---
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2013:1852 https://rhn.redhat.com/errata/RHSA-2013-1852.html
---
This issue has been addressed in following products:
MRG for RHEL-5 v. 2
Via RHSA-2013:1851 https://rhn.redhat.com/errata/RHSA-2013-1851.h
Bugzilla
CVE-2013-4405 cumin: CSRF protection does not work
bugzilla·2013-08-19·CVSS 6.8
CVE-2013-4405 [MEDIUM] CVE-2013-4405 cumin: CSRF protection does not work
CVE-2013-4405 cumin: CSRF protection does not work
It was found that multiple forms in the cumin web interface did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who is logged into the cumin web interface, into visiting a specially crafted URL, the attacker could perform actions in the context of the logged in user.
Discussion:
Acknowledgements:
This issue was discovered by Tomáš Nováčik of the Red Hat MRG Quality Engineering team.
---
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2013:1852 https://rhn.redhat.com/errata/RHSA-2013-1852.html
---
This issue has been addressed in following products:
MRG for RHEL-5 v. 2
Via RHSA-2013:1851 https://rhn.redhat.com/errata/RHSA-2013-1851.html
Bugzilla
CVE-2013-4404 cumin: missing authorization checks in forms, charts, and csv export widgets
bugzilla·2013-08-08·CVSS 6.5
CVE-2013-4404 [MEDIUM] CVE-2013-4404 cumin: missing authorization checks in forms, charts, and csv export widgets
CVE-2013-4404 cumin: missing authorization checks in forms, charts, and csv export widgets
A flaw was found in the way cumin enforced user roles, allowing an unprivileged cumin user to access a range of resources without having the appropriate role. A remote, authenticated attacker could use this flaw to access privileged information, and perform a variety of privileged operations.
Discussion:
Acknowledgements:
This issue was discovered by Tomáš Nováčik of the Red Hat MRG Quality Engineering team.
---
*** Bug 995016 has been marked as a duplicate of this bug. ***
---
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2013:1852 https://rhn.redhat.com/errata/RHSA-2013-1852.html
---
This issue has been addressed in following products:
MRG for RHEL-5
http://osvdb.org/91442http://packetstormsecurity.com/files/120817/WordPress-LeagueManager-3.8-SQL-Injection.htmlhttp://wordpress.org/plugins/leaguemanager/changeloghttp://www.exploit-db.com/exploits/24789http://osvdb.org/91442http://packetstormsecurity.com/files/120817/WordPress-LeagueManager-3.8-SQL-Injection.htmlhttp://wordpress.org/plugins/leaguemanager/changeloghttp://www.exploit-db.com/exploits/24789
2014-02-05
Published