• Vulnerability: XSS
• Affected Software: KingComposer (80,000+ active installations)
• Affected Version: 2.7.6
• Patched Version: none
• Risk: Medium
• Vendor Contacted: 10/25/2018
• Vendor Fix: none
• Public Disclosure: 02/05/2019

• Vulnerability: XSS
• Affected Software: Font_Organizer (30,000+ active installations)
• Affected Version: 2.1.1
• Patched Version: none
• Risk: Medium
• Vendor Contacted: 10/25/2018
• Vendor Fix: none
• Public Disclosure: 02/05/2019

• Vulnerability: XSS
• Affected Software: NextScripts: Social Networks Auto-Poster (100,000+ active installations)
• Affected Version: 4.2.7
• Patched Version: 4.2.8
• Risk: Medium
• Vendor Contacted: 10/25/2018
• Vendor Fix: 11/02/2018
• Public Disclosure: 02/05/2019

• Vulnerability: Cross-Site Request Forgery
• Affected Software: TP-Link TL-WR841N v13
• Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n
• Patched Version: None
• Risk: High
• Vendor Contacted: 05/20/2018
• Vendor Fix: None
• Public Disclosure: 06/27/2018

Overview

The web interface of the router is vulnerable to CSRF. An attacker can perform arbitrary actions in the name of an authenticated user if that user visits an attacker-controlled website.

• Vulnerability: Authenticated Blind Command Injection
• Affected Software: TP-Link TL-WR841N v13
• Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n
• Patched Version: None
• Risk: High
• Vendor Contacted: 05/20/2018
• Vendor Fix: None
• Public Disclosure: 06/27/2018

Overview

The ping and traceroute functionalities allow for OS command injection. An authenticated attacker can use this to execute arbitrary commands on the router by sending specifically crafter HTTP requests to it.

• Vulnerability: Broken Authentication
• Affected Software: TP-Link TL-WR841N v13
• Affected Version: 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n
• Patched Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n
• Risk: High
• Vendor Contacted: 05/20/2018
• Vendor Fix: Issue was independently fixed in previous version
• Public Disclosure: 06/27/2018

• Vulnerability: Clickjacking, Missing HTTPS
• Affected Software: TP-Link TL-WR841N v13
• Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n
• Patched Version: None
• Risk: Medium
• Vendor Contacted: 05/20/2018
• Vendor Fix: None
• Public Disclosure: 06/27/2018

• Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc
• Affected Software: GetSimple CMS
• Affected Version: 3.3.5 (probably also prior versions)
• Partially Patched Version: 3.3.6
• Risk: Medium-High
• Vendor Contacted: 2015-06-14
• Vendor Partial Fix: 2015-07-14
• Public Disclosure: 2015-07-15

GetSimple CMS is a content management system written in PHP. It does not use a database, but xml files instead.

There are various vulnerabilities in version 3.3.5, most of which are fixed in version 3.3.6.

For version 3.3.6 it is important that the htaccess file of GetSimple CMS can be read by the server, as otherwise passwords and other sensitive information will be disclosed (the functionality of the website itself is not affected by an unread htaccess file, so it might go unnoticed).

• Vulnerability: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution
• Affected Software: ZenPhoto
• Affected Version: 1.4.8 (probably also prior versions)
• Patched Version: 1.4.9
• Risk: Medium
• Vendor Contacted: 2015-05-18
• Vendor Fix: 2015-07-09
• Public Disclosure: 2015-07-10

ZenPhoto is an open-source CMS written in PHP with a focus on hosting images. There are multiple vulnerabilities in version 1.4.8, including SQL injection and XSS vulnerabilities.

• Vulnerability: Code Execution, CSRF, XSS, Information Disclosure
• Affected Software: WordPress File Upload (WordPress Plugin)
• Affected Version: 2.7.6 (probably also prior versions)
• Patched Version: 3.0.0
• Risk: High
• Vendor Contacted: 2015-06-30
• Vendor Fix: 2015-07-02
• Public Disclosure: 2015-07-02