4 matches found
WordPress yolink Search plugin <= 1.1.4 - SQL Injection
No description provided by source. Exploit Title: WordPress yolink Search plugin = 1.1.4 SQL Injection Vulnerability Date: 2011-08-30 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/yolink-search.1.1.4.zip Version: 1.1.4 tested...
WordPress Yolink Search 1.1.4 SQL Injection
Exploit Title: WordPress yolink Search plugin getresults $wpdb-prepare "SELECT ID,GUID FROM $wpdb-posts WHERE poststatus='publish' AND posttype IN $posttypein AND ID $idfrom order by ID asc LIMIT $batchsize" ; //misusage of $wpdb-prepare :...
WordPress yolink Search Plugin <= 1.1.4 - SQL Injection
This WordPress yolink Search plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...
WordPress Plugin yolink Search 1.1.4 - SQL Injection
Exploit Title: WordPress yolink Search plugin getresults $wpdb-prepare "SELECT ID,GUID FROM $wpdb-posts WHERE poststatus='publish' AND posttype IN $posttypein AND ID $idfrom order by ID asc LIMIT $batchsize" ; //misusage of $wpdb-prepare :...