bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/14923.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

24 lines
No EOL
880 B
Text
Raw Blame History

# Author: Craw
# Email: craw@element7.eu
# Software Link: http://wordpress.org/extend/plugins/events-manager-extended/
# Version: 3.1.2
# Category: webapplications
=======================================================
[+] ExploiT [1] : If you are allowed to leave a comment:
Persistent XSS Vulnerability: You can inject Javascript Code in your comment.
The Code will be displayed below the event.
[+] ExploiT [2] : If you are allowed to book an event:
Persistent XSS Vulnerability: You can inject Javascript Code in [Name] , [Email] , [Phonenumber] , [Comment]
The Code will be displayed in the Wordpress Backend -> http://www.site.com/wp-admin/admin.php?page=events-manager-people
=======================================================
Greetz @ LUXEMBOURG
=======================================================
Reference in a new issue View git blame Copy permalink