Wordpress <= v2.1.0
If you're logged in into wordpress as an admin, your comments aren't properly sanitized, thus allowing an XSS to be posted. This can be exploited using XSRF techniques.
More info & PoC:
http://www.virtuax.be/advisories/Advisory4-20022007.txt
Relevant Pages
- RE: Wordpress <= v2.1.0
... If you're logged in into wordpress as an admin, ... exploited using XSRF techniques. ... More info & PoC: http://www.virtuax.be/advisories/Advisory4-20022007.txt ...
(Bugtraq) - [waraxe-2004-SA#010 - Multiple vulnerabilities in Error Manager v2.1 for PhpNuke]
... This Error Manager is made by Gijza.net ... Admin CP is also included in this version. ... This will lead of course to XSS conditions: ... and therefore admin can find potential bugs on site and of course this logging feature will reveale to ...
(Bugtraq) - [Full-disclosure] Wordpress 2.3 Cross Domain Content Insertion- New vulnerability + exploit
... There is a serious holes in wordpress 2.3 that can be used with XSS by a ... blackhat hacker to attack the wordpress administrator and steal cookies from ... This attack is known as 0day because it has just been reported to ...
(Full-Disclosure) - [UNIX]Wordpress user_login Column SQL Truncation Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Wordpress user_login Column SQL Truncation Vulnerability ... determining the admin password. ... An analysis revealed that a problem occurs in the password reset. ...
(Securiteam) - RE: xss....what next???
... IMHO (but thanks must go to rsnake for his xss guide), ... make use of an admin user's escalated privilege - i.e. you get a website ... Picking the easy wins in a time limited test is where web app testing ... Insight Consulting, part of Siemens Communications, is a leading specialist provider of services and solutions for security, continuity, compliance and identity management. ...
(Pen-Test) |
|
