Friday, August 6, 2010

:::SPAS3C-WV-005:::Vulnerability in Joomla! Core (Back-end) <= 1.5.19

About two months ago, I found several vulnerabilities in Joomla! <= 1.5.19 and these are my advisories. This one was published on the Joomla! Security Center: here

  • Project: Joomla!
  • Severity: Medium
  • Versions: 1.5.19 and all previous 1.5 releases
  • Exploit type: XSS Injection
  • Reported Date: 2010-June-8

The back-end was vulnerable to XSS/HTML code injection. The GET variable "menutype", used in "com_menus" (a core component), allowed the injection.
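For defenders who want to check whether the affected parameter has received unexpected input, the following added example (not part of the original advisory or of Joomla!) scans web server access logs for back-end "com_menus" requests whose "menutype" value is not a plain identifier. The allowed character set, the combined log format and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate menutype values are short identifiers such as
# "mainmenu"; anything else (quotes, angle brackets, spaces) is worth review.
SAFE_MENUTYPE = re.compile(r"[A-Za-z0-9_-]{1,75}")
# Request line inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_menutype(log_line):
    """Return the decoded menutype value if the line is a back-end com_menus
    request whose menutype is not a plain identifier, otherwise None."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("/administrator/index.php"):
        return None
    # parse_qs percent-decodes values, so encoded markup is seen decoded.
    params = parse_qs(url.query, keep_blank_values=True)
    if "com_menus" not in params.get("option", []):
        return None
    for value in params.get("menutype", []):
        if value and not SAFE_MENUTYPE.fullmatch(value):
            return value
    return None


def scan(lines):
    """Return (line_number, decoded_value) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        value = suspicious_menutype(line)
        if value is not None:
            hits.append((number, value))
    return hits


# Constructed sample log lines (documentation IP addresses, harmless markup).
SAMPLE_LOG = [
    '192.0.2.10 - - [06/Aug/2010:10:00:01 +0200] "GET /administrator/index.php?option=com_menus&menutype=mainmenu HTTP/1.1" 200 5120',
    '192.0.2.44 - - [06/Aug/2010:10:02:17 +0200] "GET /administrator/index.php?option=com_menus&menutype=mainmenu%22%3E%3Cb%3Ex%3C%2Fb%3E HTTP/1.1" 200 5188',
    '192.0.2.10 - - [06/Aug/2010:10:03:40 +0200] "GET /index.php?option=com_content&view=article&id=1 HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: unexpected menutype {value!r}")
```

A hit only shows that markup reached the parameter; whether it was rendered depends on the installed Joomla! version.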



Some screenshots:

Fig.1: XSS triggered in Joomla! Back-end

Fig.2: Code injected.

Be safe ;)