BugTracker.Net: Multiple Vulnerabilities

Users of BugTracker.Net please be advised of Multiple vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

CORE-2010-1109: [CORE-2010-1109] Multiple vulnerabilities in BugTracker.Net
*Vulnerability Description*

BugTracker.NET [1][2] is an open-source web-based bug tracker written
using ASP.NET, C#, and Microsoft SQL Server. Several cross-site
scripting and SQL-injection vulnerabilities were found in the following
files of the BugTracker.NET:

. *bugs.aspx*. SQL injection in line 141.
. *delete_query.aspx*. No sanitization for ‘row_id.Value’ in line 30.
. *edit_bug.aspx*. Variables without sanitization in lines 1846 and 1857.
. *edit_bug.aspx*. No sanitization for variable ‘new_project’, line 2214.
. *edit_bug.aspx*. XSS in line 2918.
. *edit_comment.aspx*. XSS in line 233.
. *edit_customfield.aspx*. Lines 165 and 172, no sanitization.
. *edit_user_permissions2.aspx*. XSS in line 40.
. *massedit.aspx*. SQL Injection in line 162.

Read more at http://www.criticalwatch.com

 

Advertisements