[wp-trac] [WordPress Trac] #20436: SQL injection, deleted most of wp_options table
WordPress Trac
wp-trac at lists.automattic.com
Sat Apr 14 00:42:56 UTC 2012
#20436: SQL injection, deleted most of wp_options table
--------------------------+------------------------------
 Reporter:  kieran.c      |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Database      |     Version:  3.3.1
 Severity:  critical      |  Resolution:
 Keywords:                |
--------------------------+------------------------------
Description changed by azaozz:
Old description:
> Don't know the specifics, but my site was hacked through SQL injection in
> the comment form. Most of the wp_options table was deleted.
>
> The website is skeheenarinky.com.
>
> From the server error log:
> [29-Mar-2012 23:09:42] WordPress database error Illegal mix of collations
> (latin1_swedish_ci,IMPLICIT) and (utf8_general_ci,COERCIBLE) for
> operation '=' for query SELECT comment_ID FROM wp_comments WHERE
> comment_post_ID = '764' AND comment_approved != 'trash' AND (
> comment_author = 'Wypozyczalnia samochodów Gdansk lotnisko' ) AND
> comment_content = '<strong>Wypozyczalnia samochodów Gdansk
> lotnisko...</strong>
>
> [...]News and Views – October 6 2011 —
> Skeheenarinky.com[...]...' LIMIT 1 made by require, require_once,
> include, wp_new_comment, wp_allow_comment
> [29-Mar-2012 23:09:45] WordPress database error Illegal mix of collations
> (latin1_swedish_ci,IMPLICIT) and (utf8_general_ci,COERCIBLE) for
> operation '=' for query SELECT comment_ID FROM wp_comments WHERE
> comment_post_ID = '941' AND comment_approved != 'trash' AND (
> comment_author = 'Wypozyczalnia samochodów Gdansk' ) AND comment_content
> = '<strong>Wypozyczalnia samochodów Gdansk...</strong>
>
> [...]Skeheenarinky Notes – January 12 2012 —
> Skeheenarinky.com[...]...' LIMIT 1 made by require, require_once,
> include, wp_new_comment, wp_allow_comment
> [02-Apr-2012 09:37:40] PHP Warning: PHP Startup: mm_create(0,
> /tmp/session_mm_cgi32055) failed, err mm:core: failed to open semaphore
> file (File exists) in Unknown on line 0
New description:
Don't know the specifics, but my site was hacked through SQL injection in
the comment form. Most of the wp_options table was deleted.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20436#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software