EUVD-2008-0517

Malware in sbrugna...

Sql injection

SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0507

SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0507

SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0507

Summary: CVE-2008-0507 is an SQL injection in the WordPress AdServe plugin (version 0.2) specifically in the adclick.php script, where user-supplied the parameter id is unsafely used in a database query. The vulnerability allows remote attackers to execute arbitrary SQL commands via id, potential...

Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit

No description provided by source. ? WordPress Adserve plugin v 0.2 Sql Injection Exploit Plugin Homepage-http://www.irisco.it/?pageid=40 Found by:enterthedragon Vuln code -In adclick.php if isset$GET'id' Header"Location: ".iriAdServeBannerClick$GET'id' -In iriAdServeBannerClick function return...

WordPress AdServe Plugin <= 0.2 - SQL Injection

Because of this vulnerability in adclick.php, the attackers can execute arbitrary SQL commands via the "id" parameter. Solution Update the plugin...

Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================== Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit ============================================================== getvar"SELECT url FROM $tablename WHERE id=$id;";...

WordPress Plugin Adserve 0.2 - adclick.php SQL Injection

WordPress Plugin Adserve 0.2 - adclick.php SQL Injection getvar"SELECT url FROM $tablename WHERE id=$id;"; Exploit id variable isnt filtered so we can inject and check the output in the Location response-header If exploit is succesfull Wordpress administrators login and md5 hashed password is...

WordPress AdServe 'adclick.php' 'id' Parameter SQL Injection

The remote host is running AdServe, a third-party ad banner plugin for WordPress. The version of AdServe installed on the remote host fails to sanitize input to the 'id' parameter of the 'adclick.php' script before using it in a database query. Regardless of PHP's 'magicquotesgpc' setting, an...

WordPress Plugin Adserve 0.2 - &#039;adclick.php&#039; SQL Injection

getvar"SELECT url FROM $tablename WHERE id=$id;"; Exploit id variable isnt filtered so we can inject and check the output in the Location response-header If exploit is succesfull Wordpress administrators login and md5 hashed password is retrieved echo "\n"; echo "-------WordPress Adserve plugin v...