MidnightBSD

Advisories for joachim_fritschi

CVE-2010-2795 MEDIUM

phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
joachim_fritschi phpcas 0.4.8
joachim_fritschi phpcas 0.4.11
joachim_fritschi phpcas 0.4.21
joachim_fritschi phpcas *
joachim_fritschi phpcas 0.4.17
joachim_fritschi phpcas 0.4.14
joachim_fritschi phpcas 0.4.13
joachim_fritschi phpcas 0.3
joachim_fritschi phpcas 0.4.5
joachim_fritschi phpcas 0.4.18
joachim_fritschi phpcas 1.0.1
joachim_fritschi phpcas 0.4.1
joachim_fritschi phpcas 0.4.3
joachim_fritschi phpcas 0.4.10
joachim_fritschi phpcas 1.1.0
joachim_fritschi phpcas 1.0.0
joachim_fritschi phpcas 0.2
joachim_fritschi phpcas 0.4.12
joachim_fritschi phpcas 0.4.23
joachim_fritschi phpcas 0.4.9
joachim_fritschi phpcas 0.4.19
joachim_fritschi phpcas 0.4.7
joachim_fritschi phpcas 0.5.1
joachim_fritschi phpcas 0.3.1
joachim_fritschi phpcas 0.6.0
joachim_fritschi phpcas 0.4.2
joachim_fritschi phpcas 0.4
joachim_fritschi phpcas 0.4.16
joachim_fritschi phpcas 0.4.15
joachim_fritschi phpcas 0.4.6
joachim_fritschi phpcas 0.3.2
joachim_fritschi phpcas 0.5.0
joachim_fritschi phpcas 0.4.22
joachim_fritschi phpcas 0.4.4
joachim_fritschi phpcas 0.4.20
CVE-2010-2796 LOW

Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joachim_fritschi phpcas 0.4.8
joachim_fritschi phpcas 0.4.11
joachim_fritschi phpcas 0.4.21
joachim_fritschi phpcas *
joachim_fritschi phpcas 0.4.17
joachim_fritschi phpcas 0.4.14
joachim_fritschi phpcas 0.4.13
joachim_fritschi phpcas 0.3
joachim_fritschi phpcas 0.4.5
joachim_fritschi phpcas 0.4.18
joachim_fritschi phpcas 1.0.1
joachim_fritschi phpcas 0.4.1
joachim_fritschi phpcas 0.4.3
joachim_fritschi phpcas 0.4.10
joachim_fritschi phpcas 1.1.0
joachim_fritschi phpcas 1.0.0
joachim_fritschi phpcas 0.2
joachim_fritschi phpcas 0.4.12
joachim_fritschi phpcas 0.4.23
joachim_fritschi phpcas 0.4.9
joachim_fritschi phpcas 0.4.19
joachim_fritschi phpcas 0.4.7
joachim_fritschi phpcas 0.5.1
joachim_fritschi phpcas 0.3.1
joachim_fritschi phpcas 0.6.0
joachim_fritschi phpcas 0.4.2
joachim_fritschi phpcas 0.4
joachim_fritschi phpcas 0.4.16
joachim_fritschi phpcas 0.4.15
joachim_fritschi phpcas 0.4.6
joachim_fritschi phpcas 0.3.2
joachim_fritschi phpcas 0.5.0
joachim_fritschi phpcas 0.4.22
joachim_fritschi phpcas 0.4.4
joachim_fritschi phpcas 0.4.20