Exploit Piwigo 2.5.2 - Cross-Site Scripting

Exploiter

18 Dec 2022
EDB-ID
28560
EDB Verified
Passed
Author
ARSAN
Vulnerability type
WEBAPPS
Platform
PHP
CVE
null
Publication date
2013-09-26
Code:
#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#
#
# Exploit Title: Piwigo 2.5.2 <= Cross Site Scripting
# Date: 2013 26 September
# Author: Arsan
# Software Homepage: http://www.piwigo.org
# Version : 2.5.2
# Tested on: Linux & Windows
# Category: webapps
# Google Dork: intext:"Powered by Piwigo"
#
#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#
#
# [+] Exploit :
#
# [-] About Piwigo :
#
# Host and share your photos with Piwigo
# Piwigo is photo gallery software for the web, built by an active community of users and developers.
# Extensions make Piwigo easily customizable. Icing on the cake, Piwigo is free and opensource.
# Browse the demo (http://www.piwigo.org/demo) to discover Piwigo features on gallery side and change graphical theme on the fly.
#
# 	[-] Description :
#	
#	    1) Download "Piwigo" And Install.
#	    2) Create New Album ( Photos > Add > create a new album ) ~> Follow this link :
#	       http://localhost/piwigo/admin.php?page=photos_add
#	    3) Insert A photo In Your Album And Save It.
#	    4) And Go To Photo Edit; Follow This Way :
#	       Photos > Batch Manager > single mode
#	       http://localhost/piwigo/admin.php?page=batch_manager&mode=unit
#	    5) Now Insert This Code In "Title","Author","Tags","Description" :
#	       "><script>alert(/Arsan/)</script>
#	    6) Try To See Your Photo In Gallery;
#	       http://localhost/cms/piwigo/picture.php?/[Number Photo]/category/[Number Album]
#	    :) You See Alert "Arsan". Enjoy ;)
#
#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#
#
# [+] Demo :
#
# http://www.piwigo.org/demo
#
#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#
#
# [+] Contact Me :
#
#     [email protected]
#     Twitter.com/ArsanBlackhat
# 
#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#
# I L0ve Inj3ct0r Team
#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#
 
Source
www.exploit-db.com
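The bug the advisory describes is a stored XSS: the strings typed into Title, Author, Tags and Description are saved to the database and later printed into the picture page without HTML encoding, so a value containing `"><script>` closes the attribute it lands in and injects its own tag. The PHP below is an added example, not Piwigo's code or the advisory author's: a minimal stand-in for that rendering step showing the vulnerable concatenation beside the encoded version. The markup, field names and sample record are assumed and constructed, with the payload taken from the advisory.

```php
<?php
// Added example (not Piwigo's code): a minimal stand-in for the part of a
// picture page that prints photo metadata. Field names follow the advisory
// (Title, Author, Tags, Description); the surrounding markup is assumed.

// Constructed sample record, as a batch-manager edit could leave it stored.
$photo = [
    'title'       => '"><script>alert(/Arsan/)</script>',
    'author'      => 'Arsan',
    'tags'        => ['holiday', '"><script>alert(/Arsan/)</script>'],
    'description' => 'Sunset over the bay "><script>alert(/Arsan/)</script>',
];

// Vulnerable pattern: stored values are concatenated straight into HTML.
// The leading "> in the title closes the alt attribute and the img tag,
// so the rest of the value is parsed as markup.
function render_vulnerable(array $p): string
{
    $tags = implode(', ', $p['tags']);
    return '<img src="photo.jpg" alt="' . $p['title'] . '">' . "\n"
         . '<h2>' . $p['title'] . '</h2>' . "\n"
         . '<p class="author">' . $p['author'] . '</p>' . "\n"
         . '<p class="tags">' . $tags . '</p>' . "\n"
         . '<p class="desc">' . $p['description'] . '</p>';
}

// Hardened pattern: every untrusted value is HTML-encoded at output time.
// ENT_QUOTES also encodes the double quote the payload relies on to break
// out of the attribute; ENT_SUBSTITUTE keeps invalid UTF-8 from emptying
// the output (which would silently drop the field instead of showing it).
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_hardened(array $p): string
{
    $tags = implode(', ', array_map('h', $p['tags']));
    return '<img src="photo.jpg" alt="' . h($p['title']) . '">' . "\n"
         . '<h2>' . h($p['title']) . '</h2>' . "\n"
         . '<p class="author">' . h($p['author']) . '</p>' . "\n"
         . '<p class="tags">' . $tags . '</p>' . "\n"
         . '<p class="desc">' . h($p['description']) . '</p>';
}

// Check: a raw <script> tag survives only in the vulnerable output.
$vuln = render_vulnerable($photo);
$safe = render_hardened($photo);
assert(strpos($vuln, '<script>') !== false);
assert(strpos($safe, '<script>') === false && strpos($safe, '&lt;script&gt;') !== false);
echo $safe, "\n";
```

If a field must carry rich text (a description with formatting), escaping is the wrong tool; such a field needs an allow-list HTML sanitizer before storage or output rather than `htmlspecialchars`.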
