
How to Find SQL Injections in WordPress





1. Open a Web browser and navigate to your WordPress website. Open a page that contains a form with text boxes. The text boxes are where the SQL injection hack is used.
2. Type the following SQL injection code into one of the text boxes:

   ' or '0' = '0' ; --

   The code above retrieves all records from a table, because the '0' = '0' comparison returns true for all records. The dashes at the end comment out any SQL code at the end of the statement, so the SQL does not return an error.

3. Click the 'Submit' button on your form page. If an error is returned or you see a list of records, your site is vulnerable to SQL injection.
4. Repeat the test with the same SQL injection code in each of your WordPress text boxes. You must check each box, because each box is vulnerable to SQL injection.
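
What the step 2 test string does to a query, and what the step 3 check looks for, shown as an added example that is not part of the original article. It assumes a constructed in-memory SQLite table in place of the WordPress database, and the handler and function names are hypothetical.

```python
import sqlite3

# The test string from step 2 of the article.
PROBE = "' or '0' = '0' ; --"

def make_db():
    """Constructed sample data: an in-memory SQLite table standing in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO members VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db

def by_name_concat(db, value):
    # Vulnerable: the text box value is pasted inside a quoted string literal,
    # so the leading quote closes the literal and the rest is parsed as SQL.
    return db.execute("SELECT name FROM members WHERE name = '" + value + "'").fetchall()

def by_id_concat(db, value):
    # Vulnerable: the value is pasted into an unquoted numeric position,
    # where the same string breaks the statement instead of matching rows.
    return db.execute("SELECT name FROM members WHERE id = " + value).fetchall()

def by_name_bound(db, value):
    # Hardened: the value is bound as a parameter and is never parsed as SQL.
    return db.execute("SELECT name FROM members WHERE name = ?", (value,)).fetchall()

def classify(db, handler, value=PROBE):
    """Apply the step 3 check: a database error or a list of records means vulnerable."""
    try:
        rows = handler(db, value)
    except sqlite3.Error:
        return "vulnerable: error returned"
    if rows:
        return "vulnerable: %d records returned" % len(rows)
    return "no signal: no records, no error"

if __name__ == "__main__":
    db = make_db()
    for handler in (by_name_concat, by_id_concat, by_name_bound):
        print(handler.__name__, "->", classify(db, handler))
```

In WordPress plugin or theme code, the bound form corresponds to building the query with $wpdb->prepare() instead of concatenating the form value into the SQL string.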
