Disputed / BOGUS

Wordpress wp forum server v2 plugin SQL Injection

Published / (Updated)
Credit
Risk
2013-02-12 / 2013-02-13
Ashiyane Digital Security Team
Medium
CWE
CVE
Local
Remote
CWE-89
N/A
No
Yes
Dork: inurl:wp-content/plugins/forum-server AND inurl:feed.php

# Exploit Title: wordpress wp forum server v2 plugin SQL Injection
# Google Dork: inurl:wp-content/plugins/forum-server inurl:feed.php
# Exploit Author: Ashiyane Digital Security Team
# Vendor Homepage: www.gti-fm.at
# Software Link: www.forumpress.org/
# Version: 2.0
# Tested on: Windows 7
##############################
Location:site/wp-content/plugins/forum-server/feed.php?id=[SQL]
#
#
#DEm0:http://www.gti-fm.at/wp-content/plugins/forum-server/feed.php?id=1
#########################################################
* Greetz to: My Lord Allah
* Sp Tnx To: Behrooz_Ice,Q7X,Ali_Eagle,Azazel,iman_taktaz,sha2ow,0x21HATE,am118,angola,AR455,ERroR,Hashor
* HASSAN20,HidDeEn,hossein19123,jooooondost,MehrdadLinux,Mute,PrinceofHacking
* Rizux,Rz04,Sil3nt,Unline
* MrR.CICILI
* And All Of My Friends
* The Last One : My Self, tr0janman
***************************************************************
##############################

References:

http://www.forumpress.org/


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com