WordPress 3.2.2 存储型跨站漏洞

2012-05-08 95274人围观 ,发现 1 个不明物体 漏洞
######################
# Author : L3b-r1'z
# Tilte : WordPress 0day Cross Site Scripting (STORED) Version 3.3.2
# Date : 2012-May-04
# Email : L3br1z@gmail.com
######################

Desc :
This Exploit In Comment b0x , if you put script>alert(1337) /script>
You
will See The Alert .
Note :
If Admin Active When You Make Comment Not Published ( Not Work Exploit ).
How We Steal Coockie :
By b0x {
The Code Is Here :

http://www.poletti.info//public/sito/img/db/girocollo/code.txt

The Inject :

See The Video For More Information :

http://www.4shared.com/rar/f7z84vvj/xsswp.html

Thx To : The Injector , b0x , Mr.Thmoory , Damane2011 , Sec4ever , N4SS1m ,B07 M4S73r , Hacker-1420 , The Viper , Exp-Bl00d And All My Friends.
And : PacketstormSecurity.com , 1337day.com , exploit4arab.com ,
exploit-db.com .
NO MORE 0DAY
--
L3b-r1'z .
proud to be lebanese
Sec4Ever.Com
发表评论

已有 1 条评论

取消
Loading...
css.php