Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

RE: Wordpress <= v2.1.0
From: "McCarty, Eric C." <emccarty () er ucsd edu>
Date: Mon, 5 Mar 2007 14:25:07 -0800
2.0.2 Tested and Does not appear Vulnerable.

-----Original Message-----
From: ciri () virtuax be [mailto:ciri () virtuax be] 
Sent: Sunday, March 04, 2007 4:56 PM
To: bugtraq () securityfocus com
Subject: Wordpress <= v2.1.0

If you're logged in into wordpress as an admin, your comments aren't
properly sanitized, thus allowing an XSS to be posted. This can be
exploited using XSRF techniques.

More info & PoC: http://www.virtuax.be/advisories/Advisory4-20022007.txt

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]