FirePHP Firefox Plugin 0.7.1 - Remote Command Execution

No description provided by source. Exploit Title: Firephp firefox plugin RCE Date: 17/04/2013 Exploit Author: Wireghoul Vendor Homepage: www.firephp.org Software Link: https://addons.mozilla.org/en-US/firefox/addon/firephp/versions/ Version: All versions up to and including 0.7.1 Tested on: Windo...

FirePHP Add-on for Firefox数组数据cell名处理任意代码执行漏洞

Firefox的Firephp插件是基于FireBug插件开发的一款调试工具. 可把所要输出的信息通过header输出给客户端,并通过Firephp在FireBug的console和server中展示出来。 在使用"Variable Viewer"功能时，Firefox的Firephp插件程序不正确校验数组数据中的cell名，远程攻击者可以利用漏洞通过提交特制的HTTP应答，通过"createInstance" JavaScript调用执行任意代码。 在FIrebug中启用"Console"和"Net"面板才能成功利用此漏洞默认禁用。 0 FirePHP Add-on for Firef...

FirePHP Firefox Plugin 0.7.1 - Remote Command Execution

Exploit Title: Firephp firefox plugin RCE Date: 17/04/2013 Exploit Author: Wireghoul Vendor Homepage: www.firephp.org Software Link: https://addons.mozilla.org/en-US/firefox/addon/firephp/versions/ Version: All versions up to and including 0.7.1 Tested on: Windows 7 Advisory:...

FirePHP Firefox Plugin 0.7.1 - Remote Command Execution

FirePHP Firefox Plugin 0.7.1 - Remote Command Execution Exploit Title: Firephp firefox plugin RCE Date: 17/04/2013 Exploit Author: Wireghoul Vendor Homepage: www.firephp.org Software Link: https://addons.mozilla.org/en-US/firefox/addon/firephp/versions/ Version: All versions up to and including...