Joomla Table JX Cross Site Scripting

2010-05-03T00:00:00
ID PACKETSTORM:89119
Type packetstorm
Reporter Valentin Hoebel
Modified 2010-05-03T00:00:00

Description

`# Exploit Title: Joomla Component Table JX XSS Vulnerabilities  
# Date: 01.05.2010  
# Author: Valentin  
# Category: webapps/0day  
# Version:   
# Tested on:   
# CVE :   
# Code :   
  
  
[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]  
>> General Information   
Advisory/Exploit Title = Joomla Component Table JX XSS Vulnerabilities  
Author = Valentin Hoebel  
Contact = valentin@xenuser.org  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]  
>> Product information  
Name = Table JX  
Vendor = Tools JX  
Vendor Website = http://www.toolsjx.com  
Affected Version(s) = all  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]  
>> #1 Vulnerability  
Type = XSS  
index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0&data_search=[XSS]  
index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0?data_search=&rpp=[XSS]  
  
In case you wonder: yes, those are exactly the same URIs as in the other Joomla  
component "Card View JX". Both of them seem to be named "com_grid" and use exactly  
the same architecture, parameters etc. Therefore both of them are vulnerable to  
the same XSS attacks.  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]  
>> Additional Information  
Advisory/Exploit Published = 01.05.2010  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]  
>> Misc  
Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!  
<3 packetstormsecurity.org!  
  
  
[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]  
`
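
For defenders, a log check for the two parameters named in section 0x3, as an added example that is not part of the original advisory. The access-log format, the assumption that rpp is a numeric rows-per-page value, and the sample lines are all constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
MARKUP = re.compile(r'[<>"]')  # characters that end HTML text or a quoted attribute

# Constructed sample lines (not real traffic); the markup is a harmless <i> tag.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/May/2010:10:00:00 +0000] "GET /index.php?option=com_grid'
    '&gid=15_ok_0&data_search=invoice&rpp=25 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/May/2010:10:00:05 +0000] "GET /index.php?option=com_grid'
    "&gid=15_ok_0',%20'15_ok_0&data_search=%253Ci%253Ex HTTP/1.1\" 200 5342",
    '203.0.113.9 - - [01/May/2010:10:00:09 +0000] "GET /index.php?option=com_grid'
    "&gid=15_ok_0',%20'15_ok_0?data_search=&rpp=%3Ci%3E HTTP/1.1\" 200 5342",
    '203.0.113.7 - - [01/May/2010:10:01:00 +0000] "GET /index.php?option=com_content'
    '&data_search=%3Ci%3E HTTP/1.1" 200 901',
]

def fully_decode(value, rounds=3):
    """Undo repeated URL encoding so double-encoded markup is still seen."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def check_request(uri):
    """Return the names of com_grid parameters carrying suspicious values."""
    params = parse_qs(urlsplit(uri).query, keep_blank_values=True)
    if "com_grid" not in params.get("option", []):
        return []
    flagged = []
    # Assumption: rpp is a rows-per-page count, so anything but digits is suspect.
    if any(v and not fully_decode(v).isdigit() for v in params.get("rpp", [])):
        flagged.append("rpp")
    if any(MARKUP.search(fully_decode(v)) for v in params.get("data_search", [])):
        flagged.append("data_search")
    return flagged

def scan(lines):
    """Return (line number, flagged parameters) for each suspicious log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        flagged = check_request(match.group(1)) if match else []
        if flagged:
            hits.append((number, flagged))
    return hits
```

In the third sample line the second "?" from the advisory's URI makes data_search part of the gid value, so only rpp is parsed and flagged there.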