FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371350
Date:      2014-10-22
Time:      08:54:58Z
Committer: matthew

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
da317bc9-59a6-11e1-bc16-0023ae8e59f0piwik -- xss and click-jacking issues

The Piwik Team reports:

We would like to thank the following security researchers for their responsible disclosure of XSS and click-jacking issues: Piotr Duszynski, Sergey Markov, Mauro Gentile.


Discovery 2012-02-16
Entry 2012-02-16
piwik
lt 1.7

"http://piwik.org/blog/2012/02/7775/"
da317bc9-59a6-11e1-bc16-0023ae8e59f0piwik -- xss and click-jacking issues

The Piwik Team reports:

We would like to thank the following security researchers for their responsible disclosure of XSS and click-jacking issues: Piotr Duszynski, Sergey Markov, Mauro Gentile.


Discovery 2012-02-16
Entry 2012-02-16
piwik
lt 1.7

"http://piwik.org/blog/2012/02/7775/"
23c8423e-9bff-11e0-8ea2-0019d18c446aPiwik -- remote command execution vulnerability

The Piwik security advisory reports:

The Piwik 1.5 release addresses a critical security vulnerability, which affect all Piwik users that have let granted some access to the "anonymous" user.

Piwik contains a remotely exploitable vulnerability that could allow a remote attacker to execute arbitrary code. Only installations that have granted untrusted view access to their stats (ie. grant "view" access to a website to anonymous) are at risk.


Discovery 2011-06-21
Entry 2011-06-21
piwik
ge 1.2 lt 1.5

ports/158084
http://piwik.org/blog/2011/06/piwik-1-5-security-advisory/
411ecb79-f9bc-11e0-a7e6-6c626dd55a41piwik -- unknown critical vulnerabilities

Secunia reports:

Multiple vulnerabilities with an unknown impact have been reported in Piwik. The vulnerabilities are caused due to unspecified errors. No further information is currently available.


Discovery 2011-10-18
Entry 2011-10-20
piwik
gt 1.1 lt 1.6

http://secunia.com/advisories/46461/
http://piwik.org/blog/2011/10/piwik-1-6/
23c8423e-9bff-11e0-8ea2-0019d18c446aPiwik -- remote command execution vulnerability

The Piwik security advisory reports:

The Piwik 1.5 release addresses a critical security vulnerability, which affect all Piwik users that have let granted some access to the "anonymous" user.

Piwik contains a remotely exploitable vulnerability that could allow a remote attacker to execute arbitrary code. Only installations that have granted untrusted view access to their stats (ie. grant "view" access to a website to anonymous) are at risk.


Discovery 2011-06-21
Entry 2011-06-21
piwik
ge 1.2 lt 1.5

ports/158084
http://piwik.org/blog/2011/06/piwik-1-5-security-advisory/
411ecb79-f9bc-11e0-a7e6-6c626dd55a41piwik -- unknown critical vulnerabilities

Secunia reports:

Multiple vulnerabilities with an unknown impact have been reported in Piwik. The vulnerabilities are caused due to unspecified errors. No further information is currently available.


Discovery 2011-10-18
Entry 2011-10-20
piwik
gt 1.1 lt 1.6

http://secunia.com/advisories/46461/
http://piwik.org/blog/2011/10/piwik-1-6/