October 2007
Monthly Archive
[Joomla] Joomla! “searchword” Cross-Site Scriptin
TITLE:
Joomla! “searchword” Cross-Site Scripting
SECUNIA ADVISORY ID:
SA27196
VERIFY ADVISORY:
http://secunia.com/advisories/27196/
CRITICAL:
Not critical
IMPACT:
Cross Site Scripting
WHERE:
From remote
SOFTWARE:
Joomla! 1.x
http://secunia.com/product/5788/
DESCRIPTION:
MustLive has discovered a vulnerability in Joomla!, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the “searchword” parameter in index.php (when “option”
is set to “com_search”) is not properly sanitised before being returned
to the user. This can be exploited to execute arbitrary HTML and script
code in a user’s browser session in context of an affected site.
Successful exploitation requires that the victim changes the number of
search results in a drop-down box, after having clicked on the malicious
link.
The vulnerability is confirmed in version 1.0.13. Other versions may
also be affected.
SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
MustLive
ORIGINAL ADVISORY:
http://securityvulns.ru/Rdocument919.html
0 comments Saturday 13 Oct 2007 | Guardian | Joomla
[XOOPS] XOOPS Uploader Class Unspecified Vulnerabilit
TITLE:
XOOPS Uploader Class Unspecified Vulnerability
SECUNIA ADVISORY ID:
SA27006
VERIFY ADVISORY:
http://secunia.com/advisories/27006/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Xoops 2.x
http://secunia.com/product/327/
Xoops 1.3.x
http://secunia.com/product/1357/
DESCRIPTION:
A vulnerability has been reported in XOOPS, which potentially can be
exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error within the XOOPS
uploader class when modules have set the upload configuration not
properly. This can potentially be exploited to upload malicious files.
SOLUTION:
Apply patch.
http://downloads.sourceforge.net/xoops/xoops-uploader-patch-071001.zip
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.xoops.org/modules/news/article.php?storyid=3963
0 comments Wednesday 03 Oct 2007 | Guardian | Xoops