Home
Hu
XSS Cheat Sheet
My Exploits
My tools
Vulnerabilities
My documents
About me
Links
Relinking
Impressum

Joomla Component My Car Multiple Vulnerabilities

Please view the document here.

The Joomla Component My Car (V. 1.0) is exposed to XSS attacks. Due to SQL errors it is furthermore possible to reveal sensitive information (e.g. the absolute path of the website and queries).

May 28th, 2010 in SQL Injection, XSS | tags: advisory, com_mycar, exploit, html code injection, information disclosure, Security, sql injection, vulnerabilities, XSS

You must be logged in to post a comment.

Ascii for Breakfast

Register here Blog about Xen, IT-Security, Linux and other stuff.

valentin@xenuser.org

Active projects

Exploit-DB updates

[webapps] - XRayCMS 1.1.1 SQL Injection Vulnerability
[webapps] - Tube Ace(Adult PHP Tube Script) SQL Injection
[webapps] - BASE 1.4.5 (base_qry_main.php t_view) SQL Injection Vulnerability
[dos] - PDF Viewer Component ActiveX DoS
[webapps] - GAzie <= 5.20 Cross Site Request Forgery
[papers] - [Turkish] Analysis of a Browser Exploit
[dos] - Edraw Diagram Component 5 ActiveX buffer overflow DoS
[dos] - PHP 5.4.0RC6 64bit Denial of Service
[papers] - [Turkish] DoS/DDoS Attacks Agains DNS
[dos] - PHP 5.4SVN-2012-02-03 htmlspecialchars/entities Buffer Overflow
[dos] - torrent-stats httpd.c Denial of Service
[webapps] - Achievo v1.4.3 - Multiple Web Vulnerabilities
[webapps] - OSCommerce v3.0.2 - Persistent Cross Site Vulnerability
[remote] - Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute - [CVE: 2008-2551]
[remote] - Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
[dos] - NetSarang Xlpd Printer Daemon 4 Denial of Service Vulnerability
[dos] - OfficeSIP Server 3.1 Denial Of Service Vulnerability
[webapps] - Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
[webapps] - Sphinix Mobile Web Server 3.1.2.47 Multiple Persistent XSS Vulnerabilities
[papers] - [French] Votre première exploitation de BOF

blog.xen.org

Give us input for the new Xen.org website
XenSummit 2012: Dates, Location, PMC & CFP
Please welcome Ian Campbell as Committer for Xen Hypervisor Project (ARMv7+VE)
Xen 3.4.4 Update Release
Xen in Linux 3.2, 3.3 and Beyond
2012 Xen Event Calendar
Oracle hosted Xen Hackathon
Xen.org 2011 Year in Review
Xen @ Build a Cloud Day Boston
Xen Day Boston

29 feed subscribers

Ascii for BreakfastSubscribe here (RSS)

Joomla Component My Car Multiple Vulnerabilities

Leave a comment

Ascii for Breakfast

Recent Posts

Active projects

Blogroll

Archives

Tag cloud

Files ≈ Packet Storm

Exploit-DB updates

blog.xen.org

Author Links