• Pentest Report - ECSA

References

  • CVE-2013-5576
  • OSVDB-95933
  • http://developer.joomla.org/security/news/563-20130801-core-unauthorised-uploads
  • http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites/
  • https://github.com/joomla/joomla-cms/commit/fa5645208eefd70f521cd2e4d53d5378622133d8
  • http://niiconsulting.com/checkmate/2013/08/critical-joomla-file-upload-vulnerability/
