what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress Dexs PM System Cross Site Scripting

WordPress Dexs PM System Cross Site Scripting
Posted Oct 16, 2013
Authored by TheXero

WordPress Dexs PM System plugin suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46585f05ce1c8abf03275497ab4ed1b5a5b1fe6f2f5d454627d66da4e26a2725
Download | Favorite | View

WordPress Dexs PM System Cross Site Scripting

Change Mirror Download
===============================================================================
|                                                                             |
                         ____                     _ __
              ___  __ __/ / /__ ___ ______ ______(_) /___ __
             / _ \/ // / / (_-</ -_) __/ // / __/ / __/ // /
            /_//_/\_,_/_/_/___/\__/\__/\_,_/_/ /_/\__/\_, /
                                                     /___/ team
 
                          PUBLIC SECURITY ADVISORY
|                                                                             |
===============================================================================
 
 
TITLE
=====
 
Dexs PM System - Authenticated Persistent Cross Site Scripting Vulnerability
 
 
AUTHOR
======
 
TheXero
 
 
DATE
====
 
10/14/2013
 
VENDOR
======
 
Sam Brishes - http://www.pytes.net/
 
 
AFFECTED PRODUCT
================
 
Dexs PM System Wordpress Plugin Version 1.0.1 possibly earlier
 
 
VULNERABILITY CLASS
===================
 
Cross-Site Scripting
 
 
DESCRIPTION
===========
 
 
Dexs PM System suffers from a persistent Cross-Site Scripting vulnerability
when sending a message as an authenticated user.  An account of at least
subscriber status is requested to exploit this vulnerability.
This vulnerability exists due to a lack of input validation and output
sanitization of the subject paramater.
 
 
PROOF OF CONCEPT
================
 
Enter the following into the subject field when sending a message to another
user.
 
--- SNIP ---
 
XSS<script>alert('xss');</script>
 
--- SNIP ---
 
If the message has been sent successfully a alert diolog will apear containing
xss when an user checks there message in the dashboard.
 
 
IMPACT
======
 
An attacker could potentially hijack session authentication tokes of remote
users and leverage the vulnerability to increase the attack vector to the
underlying software and operating system of the victim.
 
 
THREAT LEVEL
============
 
High
 
 
STATUS
======
 
0day
 
 
DISCLAIMER
==========
 
nullsecurity.net hereby emphasize, that the information which is published here
are for education purposes only. nullsecurity.net does not take any
responsibility for any abuse or misusage!

Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    38 Files
  • 24
    Sep 24th
    65 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close