Entries Tagged with ‘advisory’

Please download the original advisory/exploit here. The Joomla component com_jmsfileseller suffers from a Local File Inclusion vulnerability. URL: index.php?option=com_jmsfileseller&view=<LFI value>&cat_id=1&Itemid=27 Vulnerable parameter: view Example: index.php?option=com_jmsfileseller&view=../../../etc/passwd%00&cat_id=12&Itemid=27

(Continue reading…)

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:

(Continue reading…)

Please view the original advisory/exploit here. The South Korean Community/Website/Content Management System UTW suffers from various vulnerabilities. Local File Inclusion Script: utw_lib/get_file.php Parameters: file, rfile Example: utw_lib/get_file.php?rfile=<local path>&file=<local file name> The script get_file.php is vulnerable to local file inclusion attacks. Arbitrary files can be viewed by combining the values for the rfile and file parameters. […]

(Continue reading…)

I have been interested in IT-Security since I was 16 or 17. Back then I was fascinated by basic concepts and the idea of exploiting weaknesses within a network, piece of software or simply human stupidity. It was exciting to see that the Internet is full of amazing websites, providing security enthusiasts with tools, source […]

(Continue reading…)

Please view the original advisory/exploit here. The web app OneOrZero AIMS Members Edition suffers from multiple remote vulnerabilities. SQL Injection Multiple scripts and parameters are affected by remote SQL injection vulnerabilities. You can also manipulate SQL queries with the help of various search fields of this web app. Some example URLs: index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=saved_search&global=1&id=[SQL Injection] index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=show_item_search&item_types=[SQL Injection] […]

(Continue reading…)

I just received notice from bugsearch.net that they closed the XSS vulnerability I discovered a few hours ago. That was fast

(Continue reading…)

I just submitted two “exploits” to bugsearch.net and was able to view them on the website although they were not published yet by the staff members. This can be done by viewing the RSS feed and then clicking on the latest link (e.g. your submitted sploit). I submitted an exploit which contains XSS code. Surprisingly […]

(Continue reading…)

Please view the original advisory/exploit here. The Joomla component com_jsupport suffers from a remote SQL injection vulnerability. This vulnerability can be found by viewing the component in the Joomla administrator backend. Examples: administrator/index.php?option=com_jsupport&task=listTickets&alpha=[SQL Injection] administrator/index.php?option=com_jsupport&task=listFaqs&alpha=[SQL Injection]

(Continue reading…)

Please view the original advisory/exploit here. The Joomla component com_jsupport suffers from a critical XSS vulnerability: The component allows you to create and submit tickets. The tickets can be viewed on the website and in the admin panel. It is possible to inject arbitrary HTML and JS/VBS code into the title field of the ticket. […]

(Continue reading…)

Please view the original file here. Multiple vulnerabilities within the Zeeways Adserver were found. >> SQL Injection Multiple scripts with multiple parameters are affected from this vulnerability. Example #1: index.php?section=redir&affid=0&kid=0&zid=[SQL Injection] Example #2: Visit the “register” page index.php?section=user&action=register and enter your SQLi string into the email field. Fill out the other fields with some normal […]

(Continue reading…)