vendor:
Wordpress
by:
Stefan Esser/Hardened-PHP Project
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Wordpress
Affected Version From: Wordpress 2.0.5
Affected Version To: Wordpress 2.0.5
Patch Exists: NO
Related CWE:
CPE: a:wordpress:wordpress:2.0.5
Platforms Tested:
2006
WordPress 2.0.5 – Trackback UTF-7 SQL injection exploit
This is a proof of concept code for exploiting a SQL injection vulnerability in Wordpress 2.0.5. The vulnerability allows an attacker to execute arbitrary SQL queries by injecting malicious code through a trackback request. The exploit specifically targets the use of UTF-7 encoding in the trackback parameter, which can be used to bypass input sanitization and inject SQL commands. The code retrieves the cookie hash from the target Wordpress blog and prints it to the console.
Mitigation:
Upgrade to a patched version of Wordpress. Avoid using trackback functionality or disable it completely if not required. Apply input validation and sanitization to prevent SQL injection attacks.
