In May 2010 I discovered several XSS vulnerabilities within the Joomla components Card View JX and Table JX which were all based on the famous com_grid component. Until now those vulnerabilities remained unpatched. Today I received an email from David Mavec who is one of the guys working on com_grid. According to him, all vulnerabilities [...]

Please view the original advisory/exploit here. The Joomla component “Racers Online” (com_nkc) suffers from a numeric SQL Injection vulnerability.

Please view the original advisory/exploit here. The PaysiteReviewCMS from the vendor Mechbunny suffers from Permanent Cross-Site Scripting vulnerabilities. Additional comment The script image.php is used to include images with specific parameters, such asthe image width. This script might be affected by other vulnerabilities aswell.

Please view the original advisory/exploit here. The Porn Tube Search Script from the vendor Mechbunny suffers from Cross-Site Scripting and Redirection vulnerabilities.

Please download the original exploit/advisory here. The image gallery script GaleriaSHQIP suffers from a remote SQL injection vulnerability. Example URL index.php?album_id=[SQL Injection] Affected versions 1.0 full, the lite version may also contain such vulnerabilities

Please download/view the original advisory here. The Joomla component com_golfcourseguide fails to sanitize the user input and therefore suffers from a remote SQL injection vulnerability. Example URL index.php?option=com_golfcourseguide&view=golfcourses&cid=1&id=[SQL Injection] Versions affected v0.9.6.0 beta, v1 beta

Today I am releasing my Specialist Bed and Breakfast Website SQL Injection Exploit (remote). [Download] Description The Specialist Bed and Breakfast Website SQL Injection Exploit takes advantage of a SQL injection vulnerability JaMbA discovered on 30th June 2010. The exploit source code also contains the table structure of the vulnerable product. About the vulnerability Learn [...]

Today I am releasing version 0.5 of my Simple SQL Injection Vulnerability Scanner. [Download here] It contains all the features from the first released version 0.3 and now contains – in addition – a column fuzzer. Simply start a scan by using python sqli_scanner.py -u “target” and then start fuzzing by using the parameter -fuzz [...]

Please view the original advisory here. The “Membership Site Script” is exposed to SQL injection attacks. >> #1 SQL Injection target/view.php?id=[SQL Injection]

Please view the original advisory here. The “Daily Inspirational Quotes Script” fails to properly sanitize the user input and is therefore exposed to SQL injection attacks. >> #1 SQL Injection target/tellafriend.php?id=[SQL Injection]