[Plugin: Sharebar] A Few Bugs Including SQL Injection Exploit | WordPress.org

Anonymous User 5746546
(@anonymized-5746546)

12 years, 5 months ago

Just FYI, there are some bugs I pointed out in the cevhershare port of your plugin which are not addressed in your latest version. Sorry, I know you don’t like cevhershare but I didn’t know about your plugin until recently so I posted my fixes there. Also, in sharebar-admin.php, it is easy to perform an SQL injection attack when the code captures the ‘id’ value from GET and POST. You may want to copy the cevhershare fix for that. See http://www.exploit-db.com/exploits/17891/ for the exploit.

http://wordpress.org/extend/plugins/sharebar/

The topic ‘[Plugin: Sharebar] A Few Bugs Including SQL Injection Exploit’ is closed to new replies.

In: Plugins
0 replies
1 participant
Last reply from: Anonymous User 5746546
Last activity: 12 years, 5 months ago
Status: not a support question