Please view the document here. The Joomla Component My Car (V. 1.0) is exposed to XSS attacks. Due to SQL errors it is furthermore possible to reveal sensitive information (e.g. the absolute path of the website and queries).

Today I am releasing my Automated Joomla SQL Injection Exploiter version 1.0 (23th May 2010). [Download here] I wrote this tool because I did not want to write a new exploit every time when a new Joomla (component/module/plugin) SQL injection vulnerability was discovered/revealed. Simply hand over a vulnerable Joomla URL to the tool and receive all Joomla [...]

Today I decided to release my Joomla com_qpersonal SQL Injection Remote Exploit. It exploits a SQL injection vulnerability I found a few weeks ago. The sploit is based on my column fuzzer and the enhanced Joomla exploitation tool I wrote You can find the exploit here.

Edit 23th May: Version 1.1 released. Today I released the Full Automated Column Finder for SQL Injection (Python script). It is a column fuzzer which helps you saving time. [Download here] Description The Full Automated Column Finder helps you to determine the correct amount of columns of the current SQL query. It is useful for [...]

What if there was a project which checks all available extensions for popular CMS (such as Joomla or WordPress) for vulnerabilities and therefore creates a list of “trusted” and secure plugins on which ppl can rely on? During the last weeks I spent much time thinking about the security of websites in general. While many [...]

On the 6th May 2010 a new version of Google Skipfish (penetration testing tool/vulnerability scanner) was released. View the changelog here. Download it here. According to the changelog not many things were changed.

I recently had the time to test Google’s Skipfish. It is a fully automated penetration testing tool and was just published some weeks ago. This little tutorial will show Debian/Ubuntu users how to install it and perform the first test. I. Introduction Tools like Nessus and Nmap are indispensable when it comes down to security [...]

View the original advisory here. This is most probably the most funny advisory I ever published. I found some decent vulnerabilities within the code of the very popular counter “chCounter”. It is fact a very cool counter. Simply implement the counter file into your website and view the stats in the admin backend. >> #1 [...]

View the advisory here. The image gallery script “Auto-Img-Gallery” suffers from a XSS vulnerability. Furthermore SQL injection might be possible since I got some SQL errors just by browsing trough the script and playing around with the URI. Still need to find out if there is a way to exploit this.

Please view the original advisory here. The very popular download manager dl_stats suffers from various vulnerabilities. #1 SQL Injection #2 XSS #3 Unprotected Admin Panel The vendor seems to have rewritten the software, since version 2.0 dl_stats is no longer vulnerable to SQLI and XSS. But… 90 percent of the websites using dl_stats did NOT upgrade [...]