Disputed / BOGUS

Wordpress cevhershare plugin Cross site scripting Vulnerability

Published / (Updated)
Credit
Risk
2013-12-19 / 2013-12-20
Ashiyane Digital Security Team
Low
CWE
CVE
Local
Remote
CWE-79
N/A
No
Yes
Dork: inurl:/wp-content/plugins/cevhershare

!!!!!!!!!!!!!!!!!!!!!!
!!! FAKE NOTE !!!
!!!!!!!!!!!!!!!!!!!!!!

#######################################################################
# Exploit Title : Wordpress cevhershare plugin Cross site scripting Vulnerability
#
# Exploit Author : Ashiyane Digital Security Team
#
# Google Dork: : inurl:/wp-content/plugins/cevhershare
#
# Date: 2013/09/24
#
# Vendor Homepage : http://wordpress.org/plugins/cevhershare
#
# Software Link : http://downloads.wordpress.org/plugin/cevhershare.zip
#
# Version : 1.2.5
#
# Tested on: Windows
#
##############
#
# Location:http://site/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#
# Vuln Code :
#
# <form action="?page=<?php echo $_GET['page']; ?>" method="post">
# <p class="mediumtext alignleft">
#
##############
##############
# Demo:
#
# http://www.schaefferpXrecision.com/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#
# http://www.jaimealeXncar.com/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#
# http://pamlawhornXe.com/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#
# http://www.zmesXcience.com/cheap-moscow.com/blog/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#
# http://www.eaglXesgab.com/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#
# http://ikeymonXitor.com/wp-content/plugins/cevhershare/cevhershare-admin.php?page=[xss]
#


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com