[wp-hackers] Fwd: wp22xmlrpc-sql.txt

DD32 wordpress at dd32.id.au
Fri Jun 8 00:14:01 GMT 2007

untested by me, havnt seen it mentioned anywhere,
The table prefix is hard coded, and the affected function looks unchanged  
in 2.3

> Wordpress version 2.2 remote SQL injection exploit that makes use of  
> xmlrpc.php.
> _________________________________________________________________
> Article:
> * http://packetstormsecurity.org/0706-exploits/wp22xmlrpc-sql.txt
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

More information about the wp-hackers mailing list