64 matches found
Master User, versions before 2.1.4
Versions before 2.1.4 suffered from an issue with insecure default settings, the issue affects Joomla 3.4 sites only, but users are advised by the developer to update anyway. Resolution: Update to version 2.1.4 Update notice URL:...
Joomla! 1.5 & 1.6 - JFilterInput XSS Bypass
No description provided by source. Exploit Title: Joomla! JFilterInput XSS Bypass Date: 1 February 2011 Author: Jeff Channell Software Link: http://www.joomla.org Version: 1.5.22, 1.6.0 Tested on: PHP5, MySQL5 Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize user-supplied html. This...
MyBB Follower User Plugin - SQL Injection
Exploit Title: Follower User MyBB plugin SQL Injection 0day Google Dork: intext:"Users subscribed to" inurl:member.php -site:fwcombie.us Date: 13.10.2012 Exploit Author: Zixem Software Link: http://mods.mybb.com/view/suscriber-user Version: 1.5+ Tested on: Linux...
Joomla! 1.5/1.6 - JFilterInput Cross-Site Scripting Bypass
Exploit Title: Joomla! JFilterInput XSS Bypass Date: 1 February 2011 Author: Jeff Channell Software Link: http://www.joomla.org Version: 1.5.22, 1.6.0 Tested on: PHP5, MySQL5 Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize user-supplied html. This class attempts to parse any given...