Joomla GoogleMap Proxy Vulnerability

Google Map proxy

If you are using Joomla and have the Googlemaps plugin installed, your web server may be under attack and may be used to attack others via cross-site scripting.

The problem with the Joomla! Googlemaps plugin is that anyone can request the /plugins/system/plugin_googlemap2_proxy.php file from a browser or script to execute cURL HTTP requests to remote websites. The url parameter is vulnerable to Cross-Site Scripting (XSS) attacks and allows the retrieval of remote website content. When this happens a lot, a website becomes overloaded and unresponsive, and the Denial-of-Service attack has succeeded. This is not only a problem for the website owner on the remote end or its hosting company. Your web servers transmit a lot of HTTP traffic to remote ends, increasing server load, usage and network bandwidth (for which you pay). It is therefore important to stop this abuse.

To remedy this, you can remove the plugin or restrict access to the file via your .htaccess.

More info here: https://www.saotn.org/joomla-websites-abused-open-proxy-denial-service-attacks/
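
To check whether the proxy script on your own server is being requested, and which remote hosts it is being asked to fetch, you can tally the hits in your access log. This is an added example, not code from the original post or the plugin; it assumes Apache common/combined log format, and the function names and sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

PROXY_PATH = "/plugins/system/plugin_googlemap2_proxy.php"  # path named in the post

# Apache common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+)[^"]*" \d{3}')
SCHEME_RE = re.compile(r"^(?:[a-z][a-z0-9+.\-]*:)?//", re.I)

def remote_host(value):
    """Host the proxy was asked to fetch; the url value may lack a scheme."""
    try:
        return urlsplit(value if SCHEME_RE.match(value) else "//" + value).hostname or "(none)"
    except ValueError:  # e.g. malformed IPv6 literal
        return "(unparseable)"

def proxy_hits(lines):
    """Yield (client, remote host) for every logged request to the proxy script."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        # endswith() also matches a Joomla installed in a subdirectory.
        if not path.lower().endswith(PROXY_PATH):
            continue
        # parse_qs percent-decodes, so encoded url= values are covered too.
        for value in parse_qs(query).get("url", [""]):
            yield m.group("client"), remote_host(value)

def summarize(lines):
    """Count proxy requests per requesting client and per remote host."""
    hits = list(proxy_hits(lines))
    return {"total": len(hits),
            "by_client": Counter(c for c, _ in hits),
            "by_remote_host": Counter(h for _, h in hits)}

# Constructed sample lines (documentation IP ranges, .example domains).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2020:10:00:01 +0000] "GET /plugins/system/plugin_googlemap2_proxy.php?url=victim.example/index.php HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2020:10:00:02 +0000] "GET /plugins/system/plugin_googlemap2_proxy.php?url=http%3A%2F%2Fvictim.example%2F HTTP/1.1" 200 5120',
    '198.51.100.23 - - [01/Jan/2020:10:00:03 +0000] "GET /joomla/plugins/system/plugin_googlemap2_proxy.php?url=other.example HTTP/1.0" 200 812',
    '192.0.2.10 - - [01/Jan/2020:10:00:04 +0000] "GET /index.php?option=com_content HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

A high count for a single remote host, or many distinct clients hitting the file, is the pattern described above; after removing the plugin or blocking the file in .htaccess, new log entries for it should show an error status instead of 200.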
