[wp-hackers] forum post: sql injection
Denis de Bernardy
denis at semiologic.com
Fri Aug 5 00:03:47 GMT 2005
Magic quotes on?
D.
> -----Original Message-----
> From: wp-hackers-bounces at lists.automattic.com
> [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of
> Mike Little
> Sent: Thursday, August 04, 2005 5:02 PM
> To: wp-hackers at lists.automattic.com
> Subject: Re: [wp-hackers] forum post: sql injection
>
>
> On 04/08/05, Scott Merrill <skippy at skippy.net> wrote:
> > Scott Merrill wrote:
> > > http://wordpress.org/support/topic/41064
> > >
> > > A quickie plugin registered against check_passwords might be a
> > > stop-gap fix.
> > >
> >
>
> There is no sql injection vulnerability that I can see.
>
> I tried setting a password to
>
> password'), user_level=9, user_firstname=('
>
> hoping to get
>
> $updatepassword = "user_pass=MD5('password'),
> user_level=upper('9'), ";
>
> what I got, in the query, was
>
> user_pass=MD5('password\\'), user_level=upper(\\'9'),
>
> Which gives a syntax error and hence the 'your session has
> expired' message.
>
> Mike
> --
> Mike Little
> http://zed1.com/journalized/
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
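As an added illustration (not WordPress code and not from anyone in this thread), the three ways Mike's test password can reach the UPDATE statement: raw concatenation, concatenation after magic_quotes_gpc-style escaping (which is what produced his backslashed query), and a prepared statement that removes the question entirely. The table and column names (wp_users, user_pass, ID) and the PDO connection are assumptions.

```php
<?php
// Added example, not WordPress code. Demonstrates why the payload from the
// thread failed under escaping and how to write the update so quoting of the
// input never matters.

// The payload from the thread, exactly as it would arrive in $_POST['pass'].
$password = "password'), user_level=9, user_firstname=('";

// 1. Raw concatenation: the closing quote in the input ends the MD5() literal
//    and the rest of the value becomes part of the SET list.
function build_naive(string $pass): string {
    return "UPDATE wp_users SET user_pass=MD5('$pass') WHERE ID=1";
}

// 2. Input escaped first, as magic_quotes_gpc (or addslashes()) does: every
//    quote becomes \' so the whole value stays one string literal. This is the
//    query shape Mike saw. Note that magic_quotes_gpc is a global PHP setting
//    (deprecated in 5.3, removed in 5.4), so a query that is only safe when it
//    is on is not safe.
function build_escaped(string $pass): string {
    return "UPDATE wp_users SET user_pass=MD5('" . addslashes($pass) . "') WHERE ID=1";
}

// 3. Prepared statement: the value is bound as data and never spliced into
//    the SQL text, so neither quotes nor escaping settings affect the query.
//    Assumes $pdo is an open PDO connection (not shown).
function update_password(PDO $pdo, int $user_id, string $pass): bool {
    $stmt = $pdo->prepare('UPDATE wp_users SET user_pass=MD5(?) WHERE ID=?');
    return $stmt->execute([$pass, $user_id]);
}

// Print the two concatenated forms side by side to compare them.
echo build_naive($password), "\n";
echo build_escaped($password), "\n";
```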