Wordpress XMLRPC.PHP SQL Injection Vulnerability
TITLE: Wordpress XMLRPC.PHP SQL Injection Vulnerability
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 06 2007 12:00AM
UPDATE: Jun 08 2007 01:40AM
CREDIT: Slappter is credited with the discovery of this vulnerability.
VULNERABLE:
WordPress WordPress 2.2NOT VULNERABLE:
WordPress WordPress 2.2.1
Vai alla pagina originale su Security Focus
Discussion
WordPress is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
This issue affects WordPress 2.2; other versions may also be vulnerable.
Exploit
Attackers can use a browser to exploit this issue.
The following exploit is available:
Solution
Solution:
The vendor has released WordPress 2.2.1 to address this issue; please see the references for details on fixes and upgrades.
WordPress WordPress 2.2
- WordPress latest.tar.gz
http://wordpress.org/latest.tar.gz
References
References:
- Ticket #4348 : Make sure max_results in wp_suggestCategories is an integer (XML- (WordPress)
- WordPress Homepage (WordPress)