por Skillmax Usa camisa de fuerza
Cualquier duda avisen, hermanos!

Código: Seleccionar todo

# Author: Craw
# Email: [email protected]            
# Software Link: http://wordpress.org/extend/plugins/events-manager-extended/
# Version: 3.1.2
# Category: webapplications
  
=======================================================
  
  
[+] ExploiT [1] : If you are allowed to leave a comment:
     
    Persistent XSS Vulnerability: You can inject Javascript Code in your comment.
    The Code will be displayed below the event.
 
     
[+] ExploiT [2] : If you are allowed to book an event:
    
   Persistent XSS Vulnerability: You can inject Javascript Code in [Name] ,  [Email] , [Phonenumber] , [Comment]
   The Code will be displayed in the Wordpress Backend -> http://www.site.com/wp-admin/admin.php?page=events-manager-people
    
 
=======================================================
Greetz @ LUXEMBOURG
=======================================================

Temas similares
Hiding in the task Manager por xrahitel en Manuales y Tutoriales
The Best KeePass Password Manager por xrahitel en Manuales y Tutoriales
XSS in hidden input fields por xrahitel en Manuales y Tutoriales
XSS for PDFs (mail.ru) por xrahitel en Manuales y Tutoriales
Links sobre el tema
Variantes de tema
Responder

Volver a “Exploits”