lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 4 Mar 2015 21:28:25 +0800
From: Jing Wang <justqdjing@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] WordPress "Max Banner Ads" Plug-in XSS (Cross-site Scripting)
 Security Vulnerabilities

*WordPress "Max Banner Ads" Plug-in XSS (Cross-site Scripting) Security
Vulnerabilities*


Exploit Title: Wordpress "Max Banner Ads" Plugin /info.php &zone_id
Parameter XSS Security Vulnerabilities
Product: Wordpress "Max Banner Ads" Plugin
Vendor: MaxBlogPress
Vulnerable Versions: 1.9  1.8   1.4   1.3.*   1.2.*   1.1   1.09
Tested Version: Check All Related Versions' Source Code
Advisory Publication: Mar 04, 2015
Latest Update: Mar 04, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Credit: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]







*Advisory Details:*


*(1) Vendor & Product Description:*


*Vendor:*
MaxBlogPress


*Product & Version:*
Wordpress "Max Banner Ads" Plugin
1.9   1.8   1.4   1.3.7   1.3.6   1.3.5   1.3.4   1.3.3   1.3.2   1.3.1
1.3
1.2.7   1.2.6   1.2.5   1.2   1.1   1.09



*Vendor URL & Download:*
Wordpress "Max Banner Ads" Plugin can be downloaded from here,
http://www.maxblogpress.com/plugins/


*Product Introduction:*
"Easily add and rotate banners in your wordpress blog anywhere you like
without editing any themes or touching any codes"





*(2) Vulnerability Details:*
Wordpress "Max Banner Ads" Plugin has a web application security bug
problem. It can be exploited by XSS (Cross-site Scripting) attacks.


*(2.1) *The vulnerability occurs at "info.php?" page with "zone_id"
parameter.







*References:*
http://tetraph.com/security/xss-vulnerability/wordpress-max-banner-ads-plug-in-xss-cross-site-scripting-security-vulnerabilities/
http://securityrelated.blogspot.com/2015/03/wordpress-max-banner-ads-plug-in-xss.html
http://www.inzeed.com/kaleidoscope/computer-web-security/wordpress-max-banner-ads-plug-in-xss-cross-site-scripting-security-vulnerabilities/
http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/wordpress-max-banner-ads-plug-in-xss-cross-site-scripting-security-vulnerabilities/
https://itinfotechnology.wordpress.com/2015/03/04/wordpress-max-banner-ads-plug-in-xss-cross-site-scripting-security-vulnerabilities/
http://lists.kde.org/?a=139222176300014&r=1&w=2







--
Wang Jing,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://plus.google.com/u/0/+JingWang-tetraph-justqdjing/posts

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ