Joomla SecurityCheck extension – Multiple vulnerabilities

Posted by Gökmen GÜREŞÇİ on Jun 01

Information
——————————
Advisory by ADEO Security Team
Name: Stored XSS and SQL Injection in Joomla SecurityCheck extension
Affected Software : SecurityCheck and SecurityCheck Pro
Vulnerable Versions: 2.8.9 (possibly below)
Vendor Homepage : https://securitycheck.protegetuordenador.com
Vulnerabilities Type : XSS and SQL Injection
Severity : High
Status : Fixed

Technical Details
——————————
PoC URLs for SQL…

Leave a Reply