CVE-2007-1897

WordPress < 2.1.2 - Authenticated SQL Injection via XML-RPC mt.setPostCategories Method


Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1897. PoCs published by Sumit Siddharth.

AI-analyzed exploit summary: This Perl script exploits a SQL injection vulnerability in WordPress 2.1.2 via the XML-RPC interface. It extracts user credentials, hashes, and system information by injecting malicious SQL queries into the 'mt.setPostCategories' method.

Description

SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Sumit Siddharth · perl · webapps · php
https://www.exploit-db.com/exploits/3656

Classification: Working PoC (95%)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: WordPress 2.1.2
Auth required
Prerequisites: Valid WordPress user credentials (contributor role or higher) · Valid post ID the user can edit · XML-RPC interface enabled
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1245
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25108
Product x_refsource_confirm
http://trac.wordpress.org/ticket/4091
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3656
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24751
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23294
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1285

Scores

EPSS 0.0717
EPSS Percentile 93.5%

Details

CWE: CWE-89
Status: published
Products (3)
wordpress/wordpress 2.1
wordpress/wordpress 2.1.1
wordpress/wordpress < 2.1.2
Published Apr 09, 2007
Tracked Since Feb 18, 2026