CVE-2011-4671

Description

SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).

Affected products

• adrotateplugin / adrotate3.6.7
• adrotateplugin / adrotate0.1 – 0.1
• adrotateplugin / adrotate0.2 – 0.2
• adrotateplugin / adrotate0.3 – 0.3
• adrotateplugin / adrotate0.4 – 0.4
• adrotateplugin / adrotate0.5 – 0.5
• adrotateplugin / adrotate0.6 – 0.6
• adrotateplugin / adrotate0.7 – 0.7
• adrotateplugin / adrotate0.7.1 – 0.7.1
• adrotateplugin / adrotate0.8 – 0.8
• adrotateplugin / adrotate1.0 – 1.0
• adrotateplugin / adrotate2.0 – 2.0
• adrotateplugin / adrotate2.0.1 – 2.0.1
• adrotateplugin / adrotate2.1 – 2.1
• adrotateplugin / adrotate2.2 – 2.2
• adrotateplugin / adrotate2.3 – 2.3
• adrotateplugin / adrotate2.3.1 – 2.3.1
• adrotateplugin / adrotate2.4 – 2.4
• adrotateplugin / adrotate2.4.1 – 2.4.1
• adrotateplugin / adrotate2.4.2 – 2.4.2
• adrotateplugin / adrotate2.4.3 – 2.4.3
• adrotateplugin / adrotate2.4.4 – 2.4.4
• adrotateplugin / adrotate2.5 – 2.5
• adrotateplugin / adrotate2.5.1 – 2.5.1
• adrotateplugin / adrotate2.6 – 2.6
• adrotateplugin / adrotate2.6.1 – 2.6.1
• adrotateplugin / adrotate3.0 – 3.0
• adrotateplugin / adrotate3.0.1 – 3.0.1
• adrotateplugin / adrotate3.0.2 – 3.0.2
• adrotateplugin / adrotate3.0.3 – 3.0.3
• adrotateplugin / adrotate3.1 – 3.1
• adrotateplugin / adrotate3.1.1 – 3.1.1
• adrotateplugin / adrotate3.2 – 3.2
• adrotateplugin / adrotate3.2.1 – 3.2.1
• adrotateplugin / adrotate3.2.2 – 3.2.2
• adrotateplugin / adrotate3.3 – 3.3
• adrotateplugin / adrotate3.3.1 – 3.3.1
• adrotateplugin / adrotate3.4 – 3.4
• adrotateplugin / adrotate3.5 – 3.5
• adrotateplugin / adrotate3.5.1 – 3.5.1
• adrotateplugin / adrotate3.6 – 3.6
• adrotateplugin / adrotate3.6.1 – 3.6.1
• adrotateplugin / adrotate3.6.2 – 3.6.2
• adrotateplugin / adrotate3.6.3 – 3.6.3
• adrotateplugin / adrotate3.6.4 – 3.6.4
• adrotateplugin / adrotate3.6.5 – 3.6.5
• adrotateplugin / adrotate3.6.6 – 3.6.6

References

• MISChttp://www.securityfocus.com/bid/50674
• VENDOR_ADVISORYhttp://secunia.com/advisories/46814
• MISChttp://downloads.wordpress.org/plugin/adrotate.3.6.8.zip
• EXPLOIThttp://www.exploit-db.com/exploits/18114
• MISChttp://unconciousmind.blogspot.com/2011/11/wordpress-adrotate-plugin-366-sql.html