[wp-hackers] forum post: sql injection
Mike Little
journalized at gmail.com
Fri Aug 5 00:01:41 GMT 2005
On 04/08/05, Scott Merrill <skippy at skippy.net> wrote:
> Scott Merrill wrote:
> > http://wordpress.org/support/topic/41064
> >
> > A quickie plugin registered against check_passwords might be a stop-gap fix.
> >
>
There is no SQL injection vulnerability that I can see.
I tried setting a password to
password'), user_level=9, user_firstname=('
hoping to get
$updatepassword = "user_pass=MD5('password'), user_level=upper('9'), ";
what I got, in the query, was
user_pass=MD5('password\\'), user_level=upper(\\'9'),
Which gives a syntax error and hence the 'your session has expired' message.
Mike
--
Mike Little
http://zed1.com/journalized/
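
An added example, not part of the original post and not WordPress code: the test string from the message above is applied to a constructed one-row table, once pasted unescaped into the SQL text and once passed as a bound parameter. The table layout, the helper names and the use of Python with SQLite are assumptions made for the illustration.

```python
import hashlib
import sqlite3

# The password string quoted in the post above.
PAYLOAD = "password'), user_level=9, user_firstname=('"

def md5_hex(value):
    return hashlib.md5(value.encode()).hexdigest()

def fresh_db():
    """Constructed one-row users table; not the real WordPress schema."""
    db = sqlite3.connect(":memory:")
    db.create_function("MD5", 1, md5_hex)  # SQLite has no built-in MD5()
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, user_pass TEXT, "
               "user_level INTEGER, user_firstname TEXT)")
    db.execute("INSERT INTO users VALUES (1, MD5('old'), 0, 'Test')")
    return db

def update_concatenated(db, new_pass):
    """'Before' form: the value is pasted into the SQL text unescaped."""
    sql = "UPDATE users SET user_pass=MD5('" + new_pass + "') WHERE id=1"
    db.execute(sql)
    return sql

def update_bound(db, new_pass):
    """Hardened form: the value travels as a bound parameter, never parsed as SQL."""
    db.execute("UPDATE users SET user_pass=MD5(?) WHERE id=1", (new_pass,))

def row(db):
    return db.execute(
        "SELECT user_pass, user_level, user_firstname FROM users WHERE id=1"
    ).fetchone()

def demo():
    """Apply the same string both ways, each against a fresh table."""
    results = {}
    db = fresh_db()
    update_concatenated(db, PAYLOAD)
    results["concatenated"] = row(db)   # extra columns were rewritten
    db = fresh_db()
    update_bound(db, PAYLOAD)
    results["bound"] = row(db)          # only user_pass changed
    return results

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

With binding, the whole string is hashed as the password and `user_level` stays at its original value, so the check does not depend on how many times the input was escaped on the way in.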