FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
46aeba13-64a1-11e1-bc16-0023ae8e59f0openx -- undisclosed security issue

OpenX does not provide information about vulnerabilities beyond their existence.


Discovery 2011-12-01
Entry 2012-03-02
Modified 2012-07-08
openx
lt 2.8.9

http://blog.openx.org/12/security-matters-3
dee44ba9-08ab-11e2-a044-d0df9acfd7e5OpenX -- SQL injection vulnerability

Secunia reports:

A vulnerability has been discovered in OpenX, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "xajaxargs" parameter to www/admin/updates-history.php (when "xajax" is set to "expandOSURow") is not properly sanitised in e.g. the "queryAuditBackupTablesByUpgradeId()" function (lib/OA/Upgrade/DB_UpgradeAuditor.php) before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2.8.9. Prior versions may also be affected.


Discovery 2012-09-14
Entry 2012-09-27
openx
lt 2.8.10

http://secunia.com/advisories/50598/
46aeba13-64a1-11e1-bc16-0023ae8e59f0openx -- undisclosed security issue

OpenX does not provide information about vulnerabilities beyond their existence.


Discovery 2011-12-01
Entry 2012-03-02
Modified 2012-07-08
openx
lt 2.8.9

http://blog.openx.org/12/security-matters-3
dee44ba9-08ab-11e2-a044-d0df9acfd7e5OpenX -- SQL injection vulnerability

Secunia reports:

A vulnerability has been discovered in OpenX, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "xajaxargs" parameter to www/admin/updates-history.php (when "xajax" is set to "expandOSURow") is not properly sanitised in e.g. the "queryAuditBackupTablesByUpgradeId()" function (lib/OA/Upgrade/DB_UpgradeAuditor.php) before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2.8.9. Prior versions may also be affected.


Discovery 2012-09-14
Entry 2012-09-27
openx
lt 2.8.10

http://secunia.com/advisories/50598/