Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 25 Sep 2017 14:16:04 +0200
From: Slavco Mihajloski <slavco.mihajloski@...il.com>
To: oss-security@...ts.openwall.com
Subject: wordpress <= 4.8.1 SQLi

Isuue in wpdb->prepare() method guides to sqli in the wordpress.

https://wordpress.org/news/

https://medium.com/websec/wordpress-sqli-bbb2afcc8e94

PoC:
https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e

Regards,
Slavco

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ