WebApp Sec mailing list archives
WordPress Search Function SQL-Injection
From: SaMuschie <samuschie () yahoo de>
Date: Tue, 27 Feb 2007 21:39:55 +0100 (CET)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +--------------------------------------- - -- - | SaMuschie Research Labs proudly presents . . . +------------------------------------------- -- - - | Application: wordpress | Version: <= 2.1.1 | Vuln./Exploit Type: SQL-Injection | Status: 0day +----------------------------------------- -- - - | Discovered by: Samenspender | Released: 20070227 | SaMuschie Release Number: 2 +------------------------------- - -- - Searching for a single ,,comma,, generates a sql error message. e.g.: http://wordpress-deutschland.org/?s=, results in: "WordPress Datenbank-Fehler: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND (post_type = 'post' AND (post_status = 'publish')) ORDER BY post_date DE' at line 1] SELECT SQL_CALC_FOUND_ROWS wpdorg_posts.* FROM wpdorg_posts WHERE 1=1 AND () AND (post_type = 'post' AND (post_status = 'publish')) ORDER BY post_date DESC LIMIT 0, 10" +----------------------------- -- - | Lameness Disclaimer +------------------------------------- - -- - - | SaMuschie Research Labs was found to publish | vulnerabilities within well known software products, | which are easy to discover and exploit. | | SaMuschie researchers just spend a minimum of time | and knowledge for each vulnerability. Hence readers of | this advisory are requested not to ask any questions | to the researchers.... they don't know the answer ;) +---------------------------------- - -- - - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFF5GSdMFgfGpQK8VERAvOWAJwLms5H6b4So3tO19lc3eHMGeNvLwCdHAP8 ZfylSi7g8HINHkpBYzYgUqE= =fBdH -----END PGP SIGNATURE----- ___________________________________________________________ Telefonate ohne weitere Kosten vom PC zum PC: http://messenger.yahoo.de ------------------------------------------------------------------------- Sponsored by: Watchfire The Twelve Most Common Application-level Hack Attacks Hackers continue to add billions to the cost of doing business online despite security executives' efforts to prevent malicious attacks. This whitepaper identifies the most common methods of attacks that we have seen, and outlines a guideline for developing secure web applications. Download today! https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fHe --------------------------------------------------------------------------
Current thread:
- WordPress Search Function SQL-Injection SaMuschie (Feb 28)
- Message not available
- Re: WordPress Search Function SQL-Injection ascii (Feb 28)
- Message not available