WordPress 2.1.3 SQL Injection Vulnerability

Wordpress SQL injection vulnerability6 days after WordPress 2.2 release,  Janek Vind has discovered a vulnerability in WordPress 2.1.3, which can be exploited  to conduct SQL injection attacks.  Secunia has the scoop on this one :

Input passed to the "cookie" parameter in wp-admin/admin-ajax.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

As dangerous as this vulnerability seems, the attacker needs to know the database table prefix in order to carry on successful data enumeration.

I wonder how many of these vulnerabilities are found by source code analysis vs. Changelog.txt "reverse engineering" 🙂

Original Advisory : http://www.waraxe.us/advisory-50.html

 



Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback. Print This Post Print This Post


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge