WARNING! Fake news / Disputed / BOGUS

Wordpress wp forum server v2 plugin SQL Injection

2013-02-12 / 2013-02-13
Credit: Ashiyane Digital Security Team
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: inurl:wp-content/plugins/forum-server AND inurl:feed.php

# Exploit Title: wordpress wp forum server v2 plugin SQL Injection # Google Dork: inurl:wp-content/plugins/forum-server inurl:feed.php # Exploit Author: Ashiyane Digital Security Team # Vendor Homepage: www.gti-fm.at # Software Link: www.forumpress.org/ # Version: 2.0 # Tested on: Windows 7 ############################## Location:site/wp-content/plugins/forum-server/feed.php?id=[SQL] # # #DEm0:http://www.gti-fm.at/wp-content/plugins/forum-server/feed.php?id=1 ######################################################### * Greetz to: My Lord Allah * Sp Tnx To: Behrooz_Ice,Q7X,Ali_Eagle,Azazel,iman_taktaz,sha2ow,0x21HATE,am118,angola,AR455,ERroR,Hashor * HASSAN20,HidDeEn,hossein19123,jooooondost,MehrdadLinux,Mute,PrinceofHacking * Rizux,Rz04,Sil3nt,Unline * MrR.CICILI * And All Of My Friends * The Last One : My Self, tr0janman *************************************************************** ##############################

References:

http://www.forumpress.org/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top