CVE-2014-1854 – AdRotate – Ad manager & AdSense Ads 3.9 - 3.9.4 - SQL Injection
https://notcve.org/view.php?id=CVE-2014-1854
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter. Vulnerabilidad de inyección SQL en library/clicktracker.php en los plugins AdRotate Pro 3.9 hasta 3.9.5 y AdRotate Free 3.9 hasta 3.9.4 para WordPress permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro track. The Ad manager & AdSense Ads for WordPress is vulnerable to blind SQL Injection via the ‘track’ parameter in versions 3.9 to 3.9.4 in the free version and 3.9 to 3.9.5 in the premium version due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. AdRotate version 3.9.4 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/31834 http://secunia.com/advisories/57079 http://www.adrotateplugin.com/2014/01/adrotate-pro-3-9-6-and-adrotate-free-3-9-5 http://www.exploit-db.com/exploits/31834 http://www.securityfocus.com/archive/1/531176/100/0/threaded http://www.securityfocus.com/bid/65709 https://exchange.xforce.ibmcloud.com/vulnerabilities/91253 https://www.htbridge.com/advisory/HTB23201 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2011-4671 – AdRotate – Ad manager & AdSense Ads < 3.6.8 - SQL Injection
https://notcve.org/view.php?id=CVE-2011-4671
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL). Vulnerabilidad de inyección SQL en adrotate/adrotate-out.php en el complemento AdRotate v3.6.6, y otras versiones anteriores a v3.6.8 para WordPress, permite a atacantes remotos ejecutar comandos SQL a través del parámetro track (también conocido como URL). • https://www.exploit-db.com/exploits/17888 https://www.exploit-db.com/exploits/18114 http://downloads.wordpress.org/plugin/adrotate.3.6.8.zip http://secunia.com/advisories/46814 http://unconciousmind.blogspot.com/2011/11/wordpress-adrotate-plugin-366-sql.html http://www.exploit-db.com/exploits/18114 http://www.securityfocus.com/bid/50674 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •