|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: SQL Injection Exploit for WordPress <= 1.5.1.1
From: Giorgio Mandolfo (giorgio
mandolph.ath.cx)
Date: Tue Jun 07 2005 - 15:24:38 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
* Alberto Trivero <triverojumpy.it> [070605, 21:40]:
> #!/usr/bin/perl -w
Thanks for the code.
In any case I get 'Unable to retrieve username' and 'hash of password'
That's quite strange since I run a exploitable version.
According to wp-includes/version.php this is Wordpress 1.5 (old install from a
gentoo system)
GLSA 200506-04 says that Wordpress < 1.5.1.2 is vulnerable, but it seems not to
be the case.
Who can clarify?
Thanks,
Giorgio
--
BOFH excuse #449:
greenpeace free'd the mallocs
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]