The Joomla Hacking Compendium

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:... Read More

Zeeways Adserver Multiple Vulnerabilities

Please view the original file here. Multiple vulnerabilities within the Zeeways Adserver were found. >> SQL Injection Multiple scripts with multiple parameters are affected from this vulnerability. Example #1: index.php?section=redir&affid=0&kid=0&zid=[SQL Injection] Example #2: Visit the "register" page index.php?section=user&action=register and enter your SQLi string into the email field. Fill out the other fields with some normal […]... Read More

Mechbunny PaysiteReviewCMS Permanent XSS Vulnerabilities

Please view the original advisory/exploit here. The PaysiteReviewCMS from the vendor Mechbunny suffers from Permanent Cross-Site Scripting vulnerabilities. Additional comment The script image.php is used to include images with specific parameters, such asthe image width. This script might be affected by other vulnerabilities aswell.... Read More