
Explore Vulnerabilities

Explore all Exploits:

WordPress WassUp plugin v 1.4.3 SQL Injection Exploit

The WordPress WassUp plugin v 1.4.3 is vulnerable to a SQL injection attack. The vulnerability exists in the spy.php file, where the $from_date and $to_date GET variables are used in an SQL query without being properly filtered. This allows an attacker to inject malicious SQL code into the query, which can be used to retrieve the WordPress administrator and user logins and MD5 hashed passwords. Tested successfully on v 1.4-1.4.3.

Joomla SQL Injection (com_jokes)

An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. The 'cat' parameter of the 'index.php' script is vulnerable, allowing the attacker to inject arbitrary SQL code and manipulate SQL queries. This can be exploited to disclose the content of the database, modify data, delete data, or even execute system commands.

Joomla SQL Injection (com_recipes)

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains a malicious SQL query in the 'id' parameter of the 'index.php' script. The malicious query is designed to extract sensitive information from the database, such as usernames and passwords.

WordPress Adserve plugin v 0.2 SQL Injection Exploit

The WordPress Adserve plugin version 0.2 is vulnerable to a SQL injection attack. The id variable in the adclick.php file is not filtered, allowing an attacker to inject malicious SQL code into the query. If the exploit is successful, the WordPress administrator's login and MD5 hashed password can be retrieved.

Connectix Boards <=0.8.2 - Remote File Inclusion

Connectix Boards version 0.8.2 and below are vulnerable to Remote File Inclusion. The 'template_path' parameter in the 'part_mps.php' script is not properly sanitized before being used to include files. This can be exploited to execute arbitrary PHP code by including a malicious PHP script from a remote location.

Joomla (Glossary V2.0) SQL Injection (com_glossary)

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains a malicious SQL query in the 'catid' parameter of the 'index.php' script. This can allow an attacker to gain access to sensitive information from the database.

Recent Exploits: