WordPress Plugin myLDlinker SQL Injection Vulnerability
SEBUG-ID:19975
SEBUG-Appdir:WordPress
Published:2010-07-23
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian Datacoders Security Team 2010 0 0 010101010101010101010101010101010101010101010101010101010 # Exploit Title: Word Press SQL Injection ( in myLDlinker.php Plugin ) # Date: 23/07/2010 # Author: H-SK33PY # Software Link: http://www.wordpress.com/ # Version: 2.9.2 # Google dork :inurl:"myLDlinker.php" # Platform / Tested on: linux # Category: Expliot code # Code : [SQLi] #BUG:######################################################################### After find plugin at sites run SQL Inject : example : http://site.com/myLDlinker.php?url=18[SQLi] ############################################################################# Website : http://www.datacoders.ir Special Thanks to : ccC0d3rZzz & AGT & all iranian datacoders members #############################################################################
// sebug.net [2010-07-23]