Friday, May 17, 2013

High-Tech Bridge: Speaker at Fribourg IT Security Day 2013

High-Tech Bridge's Vice-President Stephane Koch will give a talk at Fribourg IT Security Day (FISD) on human risk, social engineering and the other dangers that users face in the era of social networks.

Fribourg IT Security Day 2013 will take place:

On the 28th of May 2013
08:30 - 16:00
École d'Ingénieurs et d'Architectes
Auditoire Edouard Gremaud
Bd de Pérolles 80
Fribourg, Switzerland

The official event program and registration are available here. High-Tech Bridge looks forward to meeting you at FISD 2013!

Thursday, May 16, 2013

High-Tech Bridge: Gold Sponsor at ITSecuDay Geneva 2013

High-Tech Bridge takes part in ITSecuDay Geneva for the second time, as a Gold Sponsor of the event. The event will gather leading security experts in Geneva to discuss the latest trends in information security.

ITSecuDay Geneva 2013 will take place:

On the 24th of May 2013
08:45 - 17:00
Hotel Bristol Geneva
10 Rue du Mont-Blanc
Geneva, Switzerland

The event program is available here. To take part in the event, please use the Registration link.

Wednesday, May 15, 2013

Web Security: High-Tech Bridge launches ImmuniWeb® Beta

High-Tech Bridge SA, a Swiss information security company recognized by Frost & Sullivan in 2012 as one of the market leaders and best service providers in the ethical hacking industry, is pleased to introduce ImmuniWeb® Beta.


ImmuniWeb® is a web application security assessment solution delivered as Software-as-a-Service. It is a hybrid of an automated web security scanner and a manual web application penetration test.

Ilia Kolochenko, CEO of High-Tech Bridge, says: "Today many SMBs are unfairly prevented from securing their websites due to budget, internal technical skills or administrative restrictions. We are glad to launch our innovative SaaS ImmuniWeb® that enables SMBs to secure their websites in a simple, efficient and cost-affordable manner. Starting today the service will run in Beta mode for some time in order to get feedback from our customers and probably add some additional features and options they will consider useful."

Marsel Nizamutdinov, Chief Security Research Officer, adds: "I am very glad that after several years of our hard work we can finally announce the launch of ImmuniWeb®. This will enable anyone to benefit from our skills, experience and research in the domain of web application security. Moreover, other similar products that make information security simple, efficient and fair are currently being developed. Our Corporate Management invests a lot in Research and Development and will continue to do so in the future to assure permanent growth and innovation."

Frederic Bourla, Chief Security Specialist, comments: "According to the recent ISTR 2013 study from Symantec, SMEs are now clearly a prime target for hackers. In 2012 businesses with fewer than 250 employees were targeted by nearly one third of worldwide cyber-attacks, which is approximately twice as much as the previous year. And from our own experience those figures are probably slightly lower than the reality in Switzerland, so we are now pleased to offer SMEs the opportunity to address this trend."

ImmuniWeb® Beta is currently available to holders of Invite Codes distributed by High-Tech Bridge. A request for an Invite Code can also be submitted on the ImmuniWeb® Portal.

Source: High-Tech Bridge

HTB23154: Exponent CMS multiple vulnerabilities

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Exponent CMS, which can be exploited to execute arbitrary SQL commands in the vulnerable application's database and to execute arbitrary PHP code on the vulnerable system.

SQL Injection in Exponent CMS: CVE-2013-3294

The vulnerability exists due to insufficient sanitisation of the "src" and "username" HTTP GET parameters passed to the "/index.php" script. A remote unauthenticated attacker can execute arbitrary SQL commands in the application's database.

PHP File Inclusion in Exponent CMS: CVE-2013-3295

The vulnerability is caused by improper sanitisation of user-supplied input passed via the "page" HTTP GET parameter to the "/install/popup.php" script, which remains publicly accessible after CMS installation by default. A remote unauthenticated attacker can use directory traversal sequences together with a URL-encoded NULL byte to include arbitrary PHP files from the local file system, read arbitrary files, or execute arbitrary PHP code on the target system.
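The pattern behind this class of bug, as an added illustration that is not Exponent CMS code and does not reproduce the advisory's PoC: a hypothetical "page" parameter is turned into a template path the unsafe way (user input concatenated into the include path) and the hardened way (strict name pattern, then a realpath containment check). The template directory, file names and inputs are all constructed for the demo. The NULL-byte truncation that drops the ".php" suffix only works on PHP before 5.3.4; the traversal part of the payload works on any version against code like the unsafe function, which is why the advisory also covers inclusion of arbitrary local PHP files.

```php
<?php
// Added example, not Exponent CMS code. Demonstrates path handling for a
// hypothetical "page" parameter: the vulnerable concatenation and a
// hardened resolver. Everything below is constructed for the demo.
declare(strict_types=1);

$templateDir = sys_get_temp_dir() . '/lfi_demo_templates';   // assumption: writable temp dir
@mkdir($templateDir, 0700, true);
file_put_contents($templateDir . '/home.php', "<?php echo 'home';\n");
file_put_contents($templateDir . '/about.php', "<?php echo 'about';\n");

// Vulnerable pattern: the request controls part of the include path.
// "../" sequences walk out of $templateDir; on PHP < 5.3.4 a NUL byte
// (%00 in the URL) truncated the path so the ".php" suffix was ignored,
// which let any readable file be included.
function unsafeTemplatePath(string $templateDir, string $page): string
{
    return $templateDir . '/' . $page . '.php';
}

// Hardened: allow only a conservative page-name alphabet (this alone
// rejects "/", "..", and NUL), then confirm the canonical path is still
// inside the template directory.
function safeTemplatePath(string $templateDir, string $page): ?string
{
    if (!preg_match('/\A[a-z0-9_-]{1,64}\z/', $page)) {
        return null;                                  // bad characters or length
    }
    $base = realpath($templateDir);
    $candidate = realpath($templateDir . '/' . $page . '.php');
    if ($base === false || $candidate === false) {
        return null;                                  // unknown page
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;                                  // escaped the template directory
    }
    return $candidate;
}

$inputs = [                                           // constructed sample inputs
    'home',
    'about',
    '../../../../etc/passwd',
    "../../../../etc/passwd\0",                       // what %00 decodes to
];
foreach ($inputs as $page) {
    printf("%-34s unsafe: %s\n", json_encode($page), json_encode(unsafeTemplatePath($templateDir, $page)));
    printf("%-34s safe:   %s\n", '', safeTemplatePath($templateDir, $page) ?? 'REJECTED');
}
```

Run with `php lfi_demo.php`. The allow-list is the real control; the realpath check is defence in depth in case the name pattern is later loosened (for example to permit subdirectories).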

A Proof-of-Concept (PoC) is provided in the advisory.

Solution:
Fixed by the vendor; upgrade to Exponent CMS v2.2.0 Release Candidate 1.

References:
[1] High-Tech Bridge Advisory HTB23154: Multiple Vulnerabilities in Exponent CMS.
[2] Exponent CMS - Exponent is a website content management system (CMS) that allows site owners to create and manage dynamic websites without directly coding web pages or managing site navigation.

HTB23153: Jojo CMS multiple vulnerabilities

High-Tech Bridge Security Research Lab discovered multiple security issues in Jojo CMS, which can be exploited to perform SQL Injection and Cross-Site Scripting (XSS) attacks.

SQL Injection in Jojo CMS: CVE-2013-3081

The vulnerability is caused by insufficient sanitisation of user-supplied input passed via the "X-Forwarded-For" HTTP header to the "/articles/test/" URI. A remote unauthenticated attacker can send a specially crafted HTTP request and execute arbitrary SQL commands in the application's database.

Successful exploitation of the SQLi requires that the "jojo comments" plugin is enabled (it is disabled by default).
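An added example, not Jojo CMS or Exponent CMS code, for the two SQL injections above (GET parameters in Exponent, the X-Forwarded-For header in Jojo). The point it makes is that a request header is as attacker-controlled as a query-string parameter: applications often copy X-Forwarded-For into a "client IP" and then into SQL as if it came from their own proxy. The schema, the rows, the helper names and the payload are all constructed for the demo; it uses an in-memory SQLite database through PDO so it runs offline.

```php
<?php
// Added example, not Jojo CMS or Exponent CMS code. Shows a header-sourced
// value reaching SQL by concatenation (vulnerable) and by parameter
// binding plus validation (hardened). Data and names are constructed.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');                       // assumption: pdo_sqlite available
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, ip TEXT NOT NULL, body TEXT NOT NULL)');
$db->exec("INSERT INTO comments (ip, body) VALUES
           ('203.0.113.5', 'first'), ('198.51.100.9', 'second'), ('198.51.100.9', 'third')");

// Typical "client IP" helper: trusts X-Forwarded-For when present. The
// header is written by whoever sent the request, not by the server.
function clientIp(array $server): string
{
    if (!empty($server['HTTP_X_FORWARDED_FOR'])) {
        return trim(explode(',', $server['HTTP_X_FORWARDED_FOR'])[0]);
    }
    return $server['REMOTE_ADDR'];
}

// Vulnerable: the header value becomes part of the SQL grammar, so a quote
// in it rewrites the WHERE clause.
function countCommentsFromIpUnsafe(PDO $db, string $ip): int
{
    $sql = "SELECT COUNT(*) FROM comments WHERE ip = '" . $ip . "'";
    return (int) $db->query($sql)->fetchColumn();
}

// Hardened: reject anything that is not an IP address, then bind the value
// as a parameter so it can never be parsed as SQL.
function countCommentsFromIpSafe(PDO $db, string $ip): ?int
{
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return null;                                     // not an IP: refuse, log if desired
    }
    $stmt = $db->prepare('SELECT COUNT(*) FROM comments WHERE ip = :ip');
    $stmt->execute([':ip' => $ip]);
    return (int) $stmt->fetchColumn();
}

$requests = [                                            // constructed requests
    ['REMOTE_ADDR' => '10.0.0.2', 'HTTP_X_FORWARDED_FOR' => '198.51.100.9'],
    ['REMOTE_ADDR' => '10.0.0.2', 'HTTP_X_FORWARDED_FOR' => "' OR '1'='1"],   // constructed payload
];
foreach ($requests as $server) {
    $ip = clientIp($server);
    printf("X-Forwarded-For %-18s unsafe=%d safe=%s\n",
        json_encode($ip),
        countCommentsFromIpUnsafe($db, $ip),
        var_export(countCommentsFromIpSafe($db, $ip), true));
}
```

For the legitimate header both functions return 2; for the payload the concatenated query becomes `WHERE ip = '' OR '1'='1'` and returns all 3 rows, while the hardened function returns NULL because the value never looked like an IP address. In production, also only honour X-Forwarded-For when REMOTE_ADDR is one of your own proxies.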

Cross-Site Scripting (XSS) in Jojo CMS: CVE-2013-3082

The vulnerability exists due to insufficient sanitisation of user-supplied data passed via the "search" HTTP POST parameter to the "/forgot-password/" URI. A remote attacker can trick a user into opening a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

A Proof-of-Concept (PoC) is provided in the advisory.

Solution:
Fixed by the vendor; upgrade Jojo CMS to version 1.2.2.

References:
[1] High-Tech Bridge Advisory HTB23153: Multiple vulnerabilities in Jojo CMS
[2] Jojo CMS - Jojo is a free PHP-based CMS for web developers who want to build good websites.

Wednesday, May 8, 2013

HTB23151: UMI.CMS cross-site request forgery (CSRF)

High-Tech Bridge Security Research Lab discovered a CSRF vulnerability in UMI.CMS, which can be exploited to perform Cross-Site Request Forgery (CSRF) attacks and create a new administrator in the vulnerable application.

Cross-site Request Forgery (CSRF) in UMI.CMS: CVE-2013-2754

The application allows an authorized administrator to perform certain sensitive actions via HTTP requests without proper checks of where those requests originate. This can be exploited to perform any action with administrator privileges, such as adding a new administrator to the system.

A remote attacker can create a specially crafted web page, trick a logged-in administrator into opening it, and thereby create a new user with administrative privileges.

A basic CSRF exploit that creates a new administrator with "csrfuser" as the login and "password" as the password is provided in the advisory.

Solution:
Fixed by the vendor; upgrade to UMI.CMS 2.9 build 21905.
Changelog: http://www.umi-cms.ru/support/changelog/ (task number 17390)

References:
[1] High-Tech Bridge Advisory HTB23151: Cross-Site Request Forgery (CSRF) in UMI.CMS.
[2] UMI.CMS - UMI.CMS is a fast and scalable content management system.

HTB23141: Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS


GetSimple CMS version 3.1.2 suffers from multiple vulnerabilities that can be exploited to perform Cross-Site Scripting (XSS) attacks.

Cross-site scripting (XSS) in GetSimple CMS (CVE-2013-1420): the issues exist due to insufficient sanitisation of user-supplied data passed via the "id" HTTP GET parameter to "/admin/backup-edit.php", the "path" HTTP GET parameter to "/admin/upload.php", the "title" and "menu" HTTP GET parameters to "/admin/edit.php", and the "path" and "returnid" HTTP GET parameters to "/admin/filebrowser.php". A remote attacker can trick a logged-in administrator into opening a specially crafted link and execute arbitrary HTML and script code in the browser in the context of the vulnerable website.

GetSimple CMS has an XSS filter; however, it can be bypassed, as demonstrated in the PoC examples of High-Tech Bridge advisory HTB23141.
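Why a filter of that kind tends to be bypassable, as an added illustration that is not GetSimple's filter, not its bypass, and not Jojo CMS code (it covers the reflected XSS in both advisories above): a blacklist that strips `<script>` tags is run beside context-aware output encoding over a few constructed payloads. The filter, the payloads and the crude "still executable" check are all assumptions for the demo.

```php
<?php
// Added example, not GetSimple or Jojo code. Compares a hypothetical
// tag-stripping "XSS filter" with HTML-context output encoding on a few
// constructed payloads. Nothing here reproduces the advisory's PoC.
declare(strict_types=1);

// Blacklist filter of the kind that ships in many CMS code bases: removes
// the literal <script> and </script> tags in a single pass.
function blacklistFilter(string $input): string
{
    return str_ireplace(['<script>', '</script>'], '', $input);
}

// Hardened: do not try to recognise attacks; encode for the HTML context
// so the browser never sees a tag or attribute delimiter from user data.
function htmlEncode(string $input): string
{
    return htmlspecialchars($input, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Crude demo-only heuristic: is there still a script element or an
// inline event handler a browser would run? (Not a real XSS detector.)
function stillExecutable(string $html): bool
{
    return (bool) preg_match('#<script\b|<[a-z][^>]*\son[a-z]+\s*=#i', $html);
}

$payloads = [                                            // constructed payloads
    '<script>alert(1)</script>',                         // the one the filter was written for
    '<img src=x onerror=alert(1)>',                      // no <script> at all
    '<script src=//example.invalid/x.js></script>',      // tag with attributes is not the literal
    '<scr<script>ipt>alert(1)</scr</script>ipt>',        // single pass reassembles the tag
];
foreach ($payloads as $p) {
    $filtered = blacklistFilter($p);
    $encoded  = htmlEncode($p);
    printf("payload : %s\n", $p);
    printf("  filter : %-46s executable=%s\n", $filtered, stillExecutable($filtered) ? 'yes' : 'no');
    printf("  encode : %-46s executable=%s\n", $encoded,  stillExecutable($encoded)  ? 'yes' : 'no');
}
```

Only the first payload is neutralised by the blacklist; the other three pass through intact or are reassembled by the single-pass replacement. Encoding handles all four because it changes the context the data lands in rather than guessing at the attacker's syntax. Data reflected into attributes, URLs or JavaScript needs the encoding for that context instead.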

Tuesday, May 7, 2013

HTB23152: b2evolution SQL Injection


b2evolution v4.1.6 suffers from an SQL Injection [CWE-89] weakness due to insufficient validation of the "show_statuses" HTTP GET parameter in the "blogs/admin.php" script.

The vulnerability was exploitable via a CSRF vector, i.e. an attacker had to make a logged-in administrator open a crafted link to the admin script. It was fixed by the vendor in b2evolution 4.1.7.

Source: High-Tech Bridge Advisory HTB23152.

Wednesday, May 1, 2013

HTB23150: KrisonAV CMS multiple vulnerabilities


KrisonAV CMS version 3.0.1 suffers from cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities.

  1. Cross-site scripting (XSS): exists due to insufficient sanitisation of user-supplied data passed via the "content" HTTP GET parameter to the "services/get_article.php" script. A remote attacker can trick a user into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
  2. Cross-site request forgery (CSRF): exists due to insufficient verification of the HTTP request origin in the "users_maint.html" script.

Solution: both weaknesses are fixed; upgrade to KrisonAV CMS version 3.0.2.

Source: High-Tech Bridge Advisory HTB23150 - Multiple Vulnerabilities in KrisonAV CMS