Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4809

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4809
Last Modified 10 Feb 2012 12:00:00
Published 13 Dec 2011 07:55:19
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4809

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) language[], (2) university[], (3) persent[], (4) company_name[], (5) designation[], (6) music[], (7) books[], (8) movies[], (9) games[], (10) syp[], (11) ft[], and (12) fa[] parameters in a save task for a profile to index.php. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Joomlaextensions Com Hmcommunity 1.0


References

OSVDB - 76726

EXPLOIT-DB - 18050

SECUNIA - 46656

MISC - http://joomlaextensions.co.in/index.php?option=com_jeshop&view=category_detail&Itemid=118&id=38


Last Updated: 27 May 2016 10:57:54