3 matches found
web.stanford.edu XSS vulnerability
Vulnerable URL: http://web.stanford.edu/group/stvp/cgi-bin/stvp-site/wp-content/themes/stvp/jwplayer.php?id=alert'OPENBUGBOUNTY';...
wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞
wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞 响应html内容为: id参数未进行过滤,导致html注入(如上图中'1131'探针位置) 利用链接为: /wp-content/themes/stvp/jwplayer.php?id=%22%3E%3Cscript%3Ealert/sebug/%3C/script%3E...
WordPress Stanford Theme Cross Site Scripting
/ Exploit Title: Stanford Wordpress Template Cross Site Scripting Vulnerability Exploit Author: Sha4yan Vendor Homepage : http://stvp.stanford.edu/ Google Dork: none Date: 2016-01-01 Tested on: Ubuntu / Mozila Firefox Exploit Code: Location & Vulnerable query:...