WordPress 2.1.3 SQL Injection Vulnerability
6 days after Wordpress 2.2 release, Janek Vind has discovered a vulnerability in WordPress 2.1.3, which can be exploited to conduct SQL injection attacks. Secunia has the scoop on this one :
Input passed to the "cookie" parameter in wp-admin/admin-ajax.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
As dangerous as this vulnerability seems, the attacker needs to know the database table prefix in order to carry on successful data enumeration.
I wonder how many of these vulnerabilities are found by source code analysis vs. Changelog.txt "reverse engineering" 
Original Advisory : http://www.waraxe.us/advisory-50.html
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Print This Post
Post Info
This entry was posted on Monday, May 21st, 2007 and is filed under Sql Injection, Vulnerabilities, Web Applications.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Security Keywords MFA (made for ads) websites »
Next Post: Finjan Web Security Trends Report - Q1/2007 »
Read More
Related Reading:- 8 mm Vulnerability Management Presentation
- Gemalto - Security To Be Free
- Free alternative to ArcSight ESM ? Hardly..
- Privacy Dilemma: How to Protect Yourself Online
- Solera Networks Deep-Packet Capture Review
- WordPress Exploit Scanner
- Phishing Exposed, Brands Secured
- Scanners: New Nessus Release; New eEye Web Scanner
- Good News from ArcSight and Imperva
- CCTV Security Camera and Surveillance Equipment
