Joomla Health / Fitness Stats Cross Site Scripting

2010-07-13T00:00:00
ID PACKETSTORM:91694
Type packetstorm
Reporter Sid3 effects
Modified 2010-07-13T00:00:00

Description

                                        
                                            `Name : Joomla Health & Fitness Stats Persistent XSS Vulnerability  
Date : july 12,2010  
Critical Level : HIGH  
vendor URL :http://joomla-extensions.instantiate.co.uk/jcomponents/healthstats  
Author : Sid3^effects aKa HaRi  
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_  
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz  
#######################################################################################################  
Description  
To allow users of an Exercise & Fitness community site to be able to record their progress of various health and fitness measures such as body weight, blood pressure, number of press-ups in 60seconds, time for 1000m run etc. Goals can be set by the user which appear as red lines across the graph area. The user is also given the option to create 'custom stats' for which they can set the unit of measurement and whether best is highest or lowest.  
  
This component also includes a Central Stats page which pulls together the most recent values of each user for each parameter and averages these for Male and Female users.  
#######################################################################################################  
Xploit: Persistent XSS Vulnerability  
  
This vulnerability exists in the comments section.  
  
1. Goto any of the option like HEALTH STATS,FITNESS STATS or CUSTOM STATS  
  
2. Select Add/Update option and insert your xss script :)  
  
3. Once inserted goto Edit records and check your xss :P  
  
Attack Pattern:">><marquee><h1>XSS3d by Sid3^effects</h1><marquee>  
  
DEMO URL : http://<site>/jcomponents/healthstats/statistics-demo  
  
`