|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 1030 CVE : CVE-2006-2815 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : Yannick von Arx Published : 06.06.2006
Advisory Content : Joomla/Mambo CMS Component SimpleBoard 1.1.0 Stable XSS-Vulnerabilities ======================================================================= Release Date ------------ June 01, 2006 Vendor ------- Two Shoes Mambo Factory http://www.tsmf.net/ Version ------- SimpleBoard 1.1.0 Stable (com_simpleboard) under Joomla CMS 1.0.8 Details ------- Frontend (Public): <forum_link> / <forum_title> / "post ne topic" / Name -> [XSS] If the module "mod_simpleboard5" wich shows the latest posts (also Username) is installed and aktivated for the frontpage (home), make <script>history.back();</script> and no one can join the page again! Backend (Admin Panel): Components /Simpleboard Forum / Simpleboard Configuration / Basics -> Title [XSS] (Community-Title) Components /Simpleboard Forum / Simpleboard Administration / New -> Name [XSS] (Forum-Title) Components /Simpleboard Forum / Simpleboard Administration / New -> Name [XSS] (Category-Title <- Choose "Top Level Category") XSS example: <script>alert("XSS");</script> Discovered by: Yannick von Arx yannick[dot]vonarx[at]yanux[dot]ch  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |