Vulnerability CVE-2014-9103


Published: 2014-11-26

Description:
Multiple cross-site scripting (XSS) vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) index value of an array parameter or the filename parameter in the Content-Disposition header to the (2) file or (3) profile image upload functionality.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Joomla Kunena Forum 3.0.5 Cross Site Scripting
Raymond Rizk
31.07.2014

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Vendor: Kunena
Product: Kunena 
Version: 3.0.5;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://www.kunena.org/blog/139-kunena-3-0-6-released
http://www.securityfocus.com/bid/68956
http://www.kunena.org/docs/Kunena_3.0.6_Read_Me
http://packetstormsecurity.com/files/127684/joomlakunena305-xss.txt

Related CVE
CVE-2019-15120
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode.
CVE-2017-5673
In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default.php, crypsis/layouts/message/item/top/default.php,...
CVE-2014-9102
Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics[] parameter in an unfa...
CVE-2012-4868
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4550
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php.

Copyright 2019, cxsecurity.com

 

Back to Top