Joomla! JooProperty Component SQL Injection And Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

The JooProperty component for Joomla! is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. JooProperty 1.13.0 is vulnerable other versions may also be affected.

References

http://www.joomla.org
http://www.securityfocus.com/bid/56885

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 8.5
AV:N/AC:L/Au:N/C:C/I:P/A:N

Related Vulnerabilities

AWCM CMS Multiple Remote File Include Vulnerabilities
Adobe ColdFusion Multiple Vulnerabilities-01 May-2014
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
A-Blog 'sources/search.php' SQL Injection Vulnerability
ActivePerl perlIS.dll Buffer Overflow

Joomla! JooProperty Component SQL Injection and Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities