================================================================================
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/
| | |___ |___ | | | | | | | \_ |__] | | | \
================================================================================
####
# Exploit Title: WordPress p1m media manager plugin SQL Injection Vulnerability
# Author: KinG Of PiraTeS
# Facebook Profile: www.fb.me/cr4ck3d
# Facebeook Page : www.fb.me/serial.crack
# Facebeook Page : www.fb.me/Cars2Luxe
# E-mail: t5r@hotmail.com / cr4ck3d@offdr5cax.dz
# Category:: webapps
# Google Dork: inurl:"/wp-content/plugins/p1m-media-manager/"
# platform : php
# Vendor: NA
# Version: x.x.x
# Security Risk : High
# Tested on: [Windows 7 Edition Intégrale 64bit ]
####
##
# | >> --------+++=[ Dz Offenders Cr3w ]=+++--------
Indoushka * KedAns-Dz * Caddy-Dz * Kalashinkov3 |
# | Jago-dz * Over-X * Kha&miX * Ev!LsCr!pT_Dz * Dr.55h |
# | * ------> KinG Of PiraTeS * The g0bl!n
> ----------------------------------------------------------------
1)Introduction
==============
2)Vulnerability Description
===========================
U can inject SQL query/command as an input possibly via web pages. Many web pages take parameters from web user, and make SQL query to the database.
Take for instance when a user login, web page that user name and password and make SQL query to the database to check if a user has valid name and password.
With SQL Injection, it is possible for us to send crafted user name and/or password field that will change the SQL query and thus grant us something else.
3)Exploit
=========
http://Localhost/{Path}/wp-content/plugins/p1m-media-manager/player.php?id=-208
[~] P0c [~] :
============
Vuln file in :
http://Localhost/{Path}/wp-content/plugins/p1m-media-manager/player.php