Menu Content

Support

> Forums, FAQs & Paid Support
Welcome, Guest
Username Password: Remember me

Profile for moneydashboard

  • OFFLINE
  • Time Zone: GMT +0:00
  • Local Time: 05:38
  • Posts: 2
  • Profile Views: 2624
  • Location: Unknown
  • Gender: Unknown
  • Birthdate: Unknown

Signature

Posts

Posts

emo
Version 4.5.1
XSS and URL manipula ...
Category: Priority Support
emo
I have two outstanding security issues with my site which I believe lie with JoomSEF.

Issue Number 1 - URL manipulation

Loading a URL with a single quote at the end gives an unhandled error and appears to show some JoomSEF SQL. For example: staging-www.mdbcloud.co.uk/getting-started'

Issue Number 2 - Arbitrary URL XSS

Go to one of our URLs:
staging-www.mdbcloud.co.uk/blog/entry/will-hs2-change-your-life

Use a web proxy tool like "Burp" to capture the request. Use this to change the value of the URL from:

GET /blog/entry/will-hs2-change-your-life HTTP/1.1

to

GET /blog/entry/will-hs2-change-your-life<script>alert('123');</script> HTTP/1.1

Then forward this (and all other requests) and an error page will be shown, and the script will execute in the user's browser.
XSS and URL manipula ...
Category: Priority Support
More
User Login Empty