Search
1.
(Code/Joomla!)
... get another code injection! This time it took a set of 3 different BBCodes (url, img and color) to be able to inject html attributes, but I once again had the contest site pointing back at mine.
I Win ...
3.
(Code/Joomla!)
The Joomla component Lyften Bloggie was recently exposed to suffer from an SQL Injection vulnerability. Since I had a current client that was running this software, with no fix in sight, I decided to take ...
4.
(Code/Joomla!)
... minimal user interaction
XSS 3: CSS Injection
[color=#ff0000;font-size:expression(document.write(String.fromCharCode(88,83,83)))]XSS[/color]
XSS 4: Nested [url] Tags
Requires minimal user ...
5.
(Code/Joomla!)
webee 1.1.1, a Joomla commenting plugin, suffers from multiple vulnerabilities.
SQL Injection
The 'articleId' is not sanitized.
index2.php?option=com_webeecomment&task=default&articleId=999 union ...
6.
(Code/Joomla!)
The Joomla component AWD Wall 1.5 suffers from an SQL Injection vulnerability in its handling of the 'cbuser' parameter.
?option=com_awdwall&view=awdwall&cbuser=62 and 1=1 limit 1 -- '
?option=com_awdwall&view=awdwall&cbuser=62 ...
7.
(Other/Other)
... this site.
Most forums allow a user to preview their submissions before posting. This is a good place to test for injections before haphazardly injecting codes!
So, without further ado, here is the ...
8.
(Code/Joomla!)
... editor was even nice enough to make my XSS injection pretty upon saving:
<script type="text/javascript">// <![CDATA[
alert('xss');
// ]]></script> ...
9.
(Code/Joomla!)
The Joomla component F!BB 1.5.96 RC suffers from multiple persistent XSS vulnerabilities, as well SQL Injection in its user search feature.
ICQ, MSN Profile Fields XSS
The MSN field will be rendered ...
10.
(Code/Joomla!)
The Simplest Forum BBCode Plugin 1.0.0 Beta 2 for Joomla suffers from a persistent XSS vulnerability that allows arbitrary injections of CSS rules.
[color=#FF0000;font-size:100px]XSS[/color]
Timeline ...
11.
(Code/Joomla!)
... is coupled with an SQL injection vulnerability introduced by a third party script, it would be trivial for an attacker to take control of an administrative account on the victim's site. The process would ...
12.
(Code/Joomla!)
The Joomla component Joo!BB 0.9.1 suffers from multiple persistent XSS vulnerabilities in its BBCode implementation, as well as Blind SQL Injection in its search feature.
Nested [img] XSS
[img]http://foo.com/fake.png ...
13.
(Code/Joomla!)
Well, another XSS vulnerable BBCode implementation, this time on JTag Ticketing System. This is the exact same vulnerability I posted about earlier concerning WebAmoeba.
[url=javascript:alert('xss
14.
(Code/Joomla!)
The Joomla component uddeIM is vulnerable to XSS injection in its BBCode implementation. Extra CSS parameters can be passed inside the [color] tag, and Internet Explorer versions before 8 will run scripts ...
Featured Extensions
$3.00
|
$1.00
|
$5.00
|
$3.00
|
Latest Articles
Jeff ChannellCart
Your Cart is currently empty.
Keywords
Template Info
-
Name
Circles -
Creation Date
06/28/09 -
Author
Jeff Channell -
Author Email
me@jeffchannell.com -
Author URL
http://jeffchannell.com -
Version
0.0.2 -
Description
Circles