WordPress 2.1.3 SQL Injection Vulnerability
6 days after Wordpress 2.2 release, Janek Vind has discovered a vulnerability in WordPress 2.1.3, which can be exploited to conduct SQL injection attacks. Secunia has the scoop on this one :
Input passed to the "cookie" parameter in wp-admin/admin-ajax.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
As dangerous as this vulnerability seems, the attacker needs to know the database table prefix in order to carry on successful data enumeration.
I wonder how many of these vulnerabilities are found by source code analysis vs. Changelog.txt "reverse engineering" 
Original Advisory : http://www.waraxe.us/advisory-50.html
If you enjoyed this post, make sure you subscribe to my RSS feed!
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Post Info
This entry was posted on Monday, May 21st, 2007 and is filed under Vulnerabilities, Sql Injection, Web Applications.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Security Keywords MFA (made for ads) websites »
Next Post: Finjan Web Security Trends Report - Q1/2007 »
Read More
Related Reading:- Privacy Dilemma: How to Protect Yourself Online
- Solera Networks Deep-Packet Capture Review
- WordPress Exploit Scanner
- Phishing Exposed, Brands Secured
- Scanners: New Nessus Release; New eEye Web Scanner
- Good News from ArcSight and Imperva
- CCTV Security Camera and Surveillance Equipment
- OpenDNS Offers Free Web Content Filtering
- Can I Evade ScanSafe Anywhere+ ?
- Googlehacks and Anti-Googlehacks
