Page 1 of 1

Acunetix Web Vulnerability Scanner high vulnerability alert

Posted: Wed Mar 26, 2008 12:07 pm
by Smile
Hi, I tried Acunetix Web Vulnerability Scanner v5 on my clean joomla 1.0.15 install.

I got High Vulnerability alert: I was thinking Joomla was more secure??

Blind SQL/XPath injection:

The POST variable text is vulnerable
/component/option,com_contact/Itemid,3/

The POST variable op is vulnerable
/component/option,com_contact/Itemid,42/

The POST variable name is vulnerable
/component/option,com_contact/Itemid,99999999/

The post variable task is vulnerable
/content/category/1/17/2/

The post variable task is vulnerable
/content/category/5/15/32/

The post variable task is vulnerable
/content/category/5/15/37/

The post variable task is vulnerable
/content/category/5/16/32/
/content/category/5/16/37/

The post variable task is vulnerable

The GET variable submit is vulnerable
/index.php

Re: Acunetix Web Vulnerability Scanner high vulnerability alert

Posted: Wed Mar 26, 2008 12:08 pm
by Smile
Try the scanner on your site too, can theese problems be fixed and how?

http://www.acunetix.com/cross-site-scri ... canner.htm

Re: Acunetix Web Vulnerability Scanner high vulnerability al

Posted: Sat Aug 09, 2014 8:53 pm
by kardinol
"The issues detected were of major impact. If users/hackers would have found the security holes, they could have hacked an entire Joomla! site." - Robin Muilwijk, member of the Quality and Testing Team, Joomla!

Code: Select all

http://www.acunetix.com/blog/case-studies/joomla/

Re: Acunetix Web Vulnerability Scanner high vulnerability al

Posted: Sat Aug 09, 2014 9:20 pm
by Tonie
This post was more than six years old.

Re: Acunetix Web Vulnerability Scanner high vulnerability al

Posted: Sat Aug 09, 2014 10:54 pm
by mandville
Topic locked due to age relevance