Joomla My Car Component Two Vulnerabilities

SECUNIA ADVISORY ID:
SA39983

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/39983/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=39983

RELEASE DATE:
2010-05-31

DESCRIPTION:
Valentin Hoebel has reported two vulnerabilities in the My Car
component for Joomla, which can be exploited by malicious people to
conduct cross-site scripting and SQL injection attacks.

1) Input passed to the "modveh" parameter in index.php (when "option"
is set to "com_mycar" and "task" is set to "1") is not properly
sanitised before being returned to the user. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in
context of an affected site.

2) Input passed via the "pagina" parameter to index.php (when
"option" is set to "com_mycar" and "task" is set to "1") is not
properly sanitised before being used in a SQL query. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 1.0. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
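As an added illustration of what that source edit looks like in a Joomla component, the snippet below is not the My Car component's own code (the advisory does not include it) but a hypothetical reconstruction of the two patterns it describes, written against the Joomla 1.5-era API (JRequest, JFactory::getDBO, JDatabase::Quote), with the hardened handling of "modveh" (HTML-escaped on output) and "pagina" (cast to an integer before reaching the query) beside it. The table name "#__mycar" and the column "model" are assumptions.

```php
<?php
// Added example; hypothetical reconstruction, not the My Car component's real code.
defined('_JEXEC') or die('Restricted access');

// --- Pattern the advisory describes (task=1, unsanitised input) ---
function mycar_task1_unsafe()
{
    $db = &JFactory::getDBO();
    // JREQUEST_ALLOWRAW hands back the request value untouched.
    $modveh = JRequest::getVar('modveh', '', 'REQUEST', 'string', JREQUEST_ALLOWRAW);
    $pagina = JRequest::getVar('pagina', '0', 'REQUEST', 'string', JREQUEST_ALLOWRAW);

    // 1) Value echoed back unescaped: reflected cross-site scripting.
    echo '<h2>' . $modveh . '</h2>';

    // 2) Value concatenated into SQL: SQL injection.
    $db->setQuery('SELECT * FROM #__mycar LIMIT ' . $pagina . ', 10');
    return $db->loadObjectList();
}

// --- Hardened version ---
function mycar_task1_hardened()
{
    $db = &JFactory::getDBO();

    // "modveh" is free text: take it as a plain string and escape it on output,
    // so any markup in it is rendered literally instead of executed.
    $modveh = JRequest::getString('modveh', '');
    echo '<h2>' . htmlspecialchars($modveh, ENT_QUOTES, 'UTF-8') . '</h2>';

    // "pagina" is a page number: cast to int and clamp before it reaches LIMIT,
    // which leaves no way to alter the query's structure.
    $pagina  = JRequest::getInt('pagina', 0);
    $perPage = 10;
    $offset  = max(0, $pagina) * $perPage;

    // Where the string value must also appear in SQL, quote it through the
    // database driver rather than concatenating it directly (assumed column "model").
    $query = 'SELECT * FROM #__mycar'
           . ' WHERE model = ' . $db->Quote($modveh)
           . ' LIMIT ' . (int) $offset . ', ' . (int) $perPage;
    $db->setQuery($query);
    return $db->loadObjectList();
}
```

The two fixes are independent: output escaping addresses the first issue, and type coercion plus driver-level quoting addresses the second. Escaping on output rather than on input keeps the stored value intact for other consumers while still neutralising it in HTML context.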

PROVIDED AND/OR DISCOVERED BY:
Valentin Hoebel

ORIGINAL ADVISORY:
http://www.xenuser.org/documents/security/joomla_com_mycar_multiple_vulnerabilities.txt
