Zeeways Adserver Multiple Vulnerabilities

Please view the original file here. Multiple vulnerabilities within the Zeeways Adserver were found. >> SQL Injection Multiple scripts with multiple parameters are affected from this vulnerability. Example #1: index.php?section=redir&affid=0&kid=0&zid=[SQL Injection] Example #2: Visit the "register" page index.php?section=user&action=register and enter your SQLi string into the email field. Fill out the other fields with some normal […]... Read More

Joomla Component com_restaurantguide Multiple Vulnerabilities

Please view the original advisory/exploit here. The Joomla component com_restaurantguide suffers from multiple vulnerabilities. >> SQL Injection index.php?option=com_restaurantguide&view=country&id=’&Itemid=69 (id parameter is vulnerable) >> HTML/JS/VBS Code Injection (all input fields, also in the admin backend) It is possible to inject HTML/JS/VBS code into the document although XSS filters are active. Simply end the current HTML tag […]... Read More