Home page logo

oss-sec logo oss-sec mailing list archives

[CVE Request] IndiaNIC Testimonial 2.2 WP plugin
From: "Adéla Goldová" <roguecoder () hush com>
Date: Mon, 02 Sep 2013 00:35:30 +0200


The testimonial plugin by IndiaNIC contains CSRF, XSS and SQLi vulnerabilities.
I was able to deface the website, extract user credentials etc through crafted forms.
Can someone please assign CVE's to this?

1: http://seclists.org/fulldisclosure/2013/Sep/5

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]