Author : Jeff Channell
Page 1 of 6 exploits
Title Author Platform Source Description Date
Joomla! v1.5 + v1.6 JFilterInput XSS Bypass Jeff Channell php exploit-db.com Exploit Title: Joomla! JFilterInput XSS Bypass Date: 1 February 2011 Author: Jeff Channell Software Link: http://www.joomla.org Version: 1.5.22, 1.6.0 Tested on: PHP5, MySQL5 Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize user-supplied html. This class attempts February 1, 2011
Joomla! 1.5 / 1.6 JFilterinput Cross Site Scripting Bypass Jeff Channell na packetstormsecurity.org Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize user-supplied html. This class attempts to parse any given string for html code, checks the code against a whitelist of elements and attributes, and strips out any code that is not allowed. However, malformed html code can be used to bypass the filter and inject XSS code into user-supplied input. February 1, 2011
Joomla! Spam Mail Relay Vulnerability Jeff Channell php exploit-db.com Exploit Title: Joomla! Spam Mail Relay Date: 11 Jan 2011 Author: Jeff Channell Software Link: http://www.joomla.org/ Versions: 1.5.22, 1.6.0 Joomla! 1.5.22 & 1.6.0 both allow spam email to be relayed to unsuspecting victims via the core com_mailto component. Tested using the January 12, 2011
Joomla! Spam Mail Relay Jeff Channell na packetstormsecurity.org Joomla! versions 1.5.22 and 1.6.0 suffer from a spam relay vulnerability. January 11, 2011
JomSocial 1.8.8 Shell Upload Jeff Channell na packetstormsecurity.org JomSocial version 1.8.8 suffers from a shell upload vulnerability. October 1, 2010
JomSocial 1.8.8 Shell Upload Vulnerability Jeff Channell php exploit-db.com There is a file upload vulnerability in version 1.8.8 and earlier of JomSocial, the popular community extension for Joomla!. Successful exploitation of this exploit requires the site to be configured to allow users to upload video files directly, which is disabled by default. If this featur September 30, 2010