Total: 29 results found.
Search Keyword: vulnerability
Page 1 of 2
1.
(Code/Joomla!)
JComments 2.2.0.0 suffers from a persistent XSS vulnerability in the way it handles certain BBCodes. If [url] and [img] tags are available, the following malformed BBCode will result in code execution: ...
2.
(Code/Joomla!)
Since the CompojoomComment Hacking Contest is now over, and I was the only winner, I figured I'd go ahead and share my winning entries. These vulnerabilities are present in CompojoomComment 4.1.5, and ...
3.
(Code/Joomla!)
Compojoom, developers of CompojoomComment, opened up a contest to hack their comment component. After being alerted to the contest by my good friend Lafrance, I took a peek and had a working XSS exploit ...
4.
(Code/Joomla!)
The Joomla component Lyften Bloggie was recently exposed to suffer from an SQL Injection vulnerability. Since I had a current client that was running this software, with no fix in sight, I decided to take ...
5.
(Code/Joomla!)
The Joomla component Ninjaboard 0.5.0beta suffers from multiple persistent XSS vulnerabilities in its BBCode implementation, as well as a minor CSRF vulnerability and a minor Path Disclosure vulnerability. ...
6.
(Code/Joomla!)
webee 1.1.1, a Joomla commenting plugin, suffers from multiple vulnerabilities. SQL Injection The 'articleId' is not sanitized. index2.php?option=com_webeecomment&task=default&articleId=999 union ...
7.
(Code/Joomla!)
Joomla Commentator 1.1b3, a Joomla commenting plugin, suffers from an XSS vulnerability in its "title" field that enables attackers to possibly run scripts as an administrator. title"/onmouseover="alert(/xss/.source) Timeline ...
8.
(Comments/All)
Jeff, thank you for your help in resolving this issue for me. I still don't think the whole how-to should have been posted, but I do agree with making people aware that there IS a vulnerability. Now that ...
9.
(Comments/All)
When the developer doesn't care to fix it, is it better to know a vulnerability exists, or to be in the dark and let someone else find it? Take a look yourself: this was posted in April 2009, and an ...
10.
(Comments/All)
It's one thing to say, hey, there's a vulnerability here, I should let the developer know so they can fix it. It's another thing entirely to just post a step-by-step manual on how to exploit the vulnerability, ...
11.
(Code/Joomla!)
The Joomla component AWD Wall 1.5 suffers from an SQL Injection vulnerability in its handling of the 'cbuser' parameter. ?option=com_awdwall&view=awdwall&cbuser=62 and 1=1 limit 1 -- ' ?option=com_awdwall&view=awdwall&cbuser=62 ...
12.
(Other/Other)
... IMG Tag Injection This is basically the IMG Tag injection above with a twist: using nested tags to achieve the injection. This is based off the vulnerability found by Julian A. Rodriguez affecting Phorum. ...
13.
(Code/Joomla!)
The Joomla component EasyBook 2.0.0rc4 suffers from multiple persistent XSS vulnerabilities. One seems fairly critical, while the others would take some incredible creativity to actively exploit. BBCode ...
14.
(Code/Joomla!)
The Joomla component ccBoard 1.1-RC suffers from a Cross Site Scripting vulnerability if certain conditions are met. The forum must be set up to use the internal HTML editor and not bbCode. This is the ...
15.
(Code/Joomla!)
... in the page twice. "><script>alert(document.cookie)</script><b f=" AIM Profile Field XSS This vulnerability has a limited number of characters, but this will inject ...
16.
(Code/Joomla!)
The Joomla component Rapid Forum suffers from a persistent XSS vulnerability. This vulnerability is pretty easy to exploit, as Rapid Forum does absolutely no validation or encoding whatsoever. <script>alert(document.cookie)</script> Timeline ...
17.
(Code/Joomla!)
The Simplest Forum BBCode Plugin 1.0.0 Beta 2 for Joomla suffers from a persistent XSS vulnerability that allows arbitrary injections of CSS rules. [color=#FF0000;font-size:100px]XSS[/color] Timeline ...
18.
(Code/Joomla!)
The Joomla component Testimonial Ku 2.0 is vulnerable to persistent XSS in the administrator panel. A malicious user can submit a testimonial containing <script> tags with absolutely no quotes and ...
19.
(Code/Joomla!)
... XSS vulnerability executes in the administrator area as well. [color] BBCode Tag XSS [color=red;font-size:expression(alert(String.fromCharCode(88,83,83)))]XSS[/color] This XSS vulnerability executes ...
20.
(Code/Joomla!)
... is coupled with an SQL injection vulnerability introduced by a third party script, it would be trivial for an attacker to take control of an administrative account on the victim's site. The process would ...