Joomla com_awd_song persistent xss Vulnerability

2010-07-02 / 2010-07-03
Credit: Sid3^effects aKa HaRi
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2010-2613
CWE: CWE-79
Dork: inurl:com_awd_song


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

================================================ Joomla com_awd_song persistent xss Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ########################################## 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 ########################################## 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla com_awd_song persistent xss Vulnerability Date : june, 26 2010 Critical Level : HIGH Vendor Url : http://joomlaextensions.co.in/component/awd_song/ Google Dork: inurl:com_awd_song Price:$37.00 Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com> special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_ greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz ####################################################################################################### Description: Frontend There are 4 menus. 1. (Enter Contest) User can upload a new song.Whenever new songs are uploaded, users will receive an email to rate the new contest songs. 2. (Winner song) Users can see all of the winning songs from today. 3. (My Songs) Users can see all of their own songs they have uploaded. 4. (My Rated Songs) Users can see all of their own ratings for other users songs. ####################################################################################################### Xploit:persistent xss Vulnerability The attacker can post evil script or xss shell in the song review option For example :">><marquee><h1>XSS3d By Sid3^effects</h1><marquee> DEMO URL : http://joomlaextensions.co.in/index.php?option=com_awd_song&task=view&id=4 ############################################################################################################### # 0day no more # Sid3^effects

References:

http://xforce.iss.net/xforce/xfdb/59807
http://www.securityfocus.com/bid/41165
http://www.exploit-db.com/exploits/14059
http://packetstormsecurity.org/1006-exploits/joomlaawdsong-xss.txt


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top