WordPress Plugin Tagged Albums - 'id' SQL Injection | Gerki | Теневой Форум про Заработок и ИБ

Exploiter

Хакер

21 Дек 2022

EDB-ID: 38023

Проверка EDB

Пройдено

Автор: ASHIYANE DIGITAL SECURITY TEAM

Тип уязвимости: WEBAPPS

Платформа: PHP

CVE: N/A

Дата публикации: 2012-11-16

WordPress Plugin Tagged Albums - 'id' SQL Injection

Код:

source: https://www.securityfocus.com/bid/56569/info

The Tagged Albums plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.

An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 

http://www.example.com/wp-content/plugins/taggedalbums/image.php?id=[sql]

Источник: www.exploit-db.com

Поиск

Exploit WordPress Plugin Tagged Albums - 'id' SQL Injection

Exploiter

Похожие темы