Joomla Component com_jmsfileseller Local File Inclusion Vulnerability

Please download the original advisory/exploit here. The Joomla component com_jmsfileseller suffers from a Local File Inclusion vulnerability. URL: index.php?option=com_jmsfileseller&view=<LFI value>&cat_id=1&Itemid=27 Vulnerable parameter: view Example: index.php?option=com_jmsfileseller&view=../../../etc/passwd%00&cat_id=12&Itemid=27... Read More

The Joomla Hacking Compendium

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:... Read More

South Korean UTW CMS Multiple Vulnerabilities

Please view the original advisory/exploit here. The South Korean Community/Website/Content Management System UTW suffers from various vulnerabilities. Local File Inclusion Script: utw_lib/get_file.php Parameters: file, rfile Example: utw_lib/get_file.php?rfile=<local path>&file=<local file name> The script get_file.php is vulnerable to local file inclusion attacks. Arbitrary files can be viewed by combining the values for the rfile and file parameters. […]... Read More

Not yet another Full Disclosure vs Responsible Disclosure debate

I have been interested in IT-Security since I was 16 or 17. Back then I was fascinated by basic concepts and the idea of exploiting weaknesses within a network, piece of software or simply human stupidity. It was exciting to see that the Internet is full of amazing websites, providing security enthusiasts with tools, source […]... Read More

OneOrZero AIMS v2.6.0 Members Edition Multiple Vulnerabilities

Please view the original advisory/exploit here. The web app OneOrZero AIMS Members Edition suffers from multiple remote vulnerabilities. SQL Injection Multiple scripts and parameters are affected by remote SQL injection vulnerabilities. You can also manipulate SQL queries with the help of various search fields of this web app. Some example URLs: index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=saved_search&global=1&id=[SQL Injection] index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=show_item_search&item_types=[SQL Injection] […]... Read More XSS vulnerability

I just submitted two “exploits” to and was able to view them on the website although they were not published yet by the staff members. This can be done by viewing the RSS feed and then clicking on the latest link (e.g. your submitted sploit). I submitted an exploit which contains XSS code. Surprisingly […]... Read More

Joomla Component com_jsupport SQL Injection Vulnerability

Please view the original advisory/exploit here. The Joomla component com_jsupport suffers from a remote SQL injection vulnerability. This vulnerability can be found by viewing the component in the Joomla administrator backend. Examples: administrator/index.php?option=com_jsupport&task=listTickets&alpha=[SQL Injection] administrator/index.php?option=com_jsupport&task=listFaqs&alpha=[SQL Injection]... Read More

Joomla Component com_jsupport Critical XSS Vulnerability

Please view the original advisory/exploit here. The Joomla component com_jsupport suffers from a critical XSS vulnerability: The component allows you to create and submit tickets. The tickets can be viewed on the website and in the admin panel. It is possible to inject arbitrary HTML and JS/VBS code into the title field of the ticket. […]... Read More

Zeeways Adserver Multiple Vulnerabilities

Please view the original file here. Multiple vulnerabilities within the Zeeways Adserver were found. >> SQL Injection Multiple scripts with multiple parameters are affected from this vulnerability. Example #1: index.php?section=redir&affid=0&kid=0&zid=[SQL Injection] Example #2: Visit the "register" page index.php?section=user&action=register and enter your SQLi string into the email field. Fill out the other fields with some normal […]... Read More