Home / os / winmobile

WordPress FAdvertisement SQL Injection

Posted on 15 August 2017

[+] Title: WordPress FAdvertisement Plugin Sql Injection Vulnerability [+] Date: 2017/08/13 [+] Author: APA Golestan - GuCert [+] Vendor Homepage: www.WordPress.org [+] Tested on: Windows 10 & Kali Linux [+] Vulnerable File: /Redirect.php [+} Dork : inurl:/wp-content/plugins/FAdvertisement/Redirect.php?id= ### POC: [+} http://site/wp-content/plugins/FAdvertisement/Redirect.php?id=[SQL-Injection] ### Demo: [+] http://negaheghtesadi.ir/wp-content/plugins/FAdvertisement/Redirect.php?id=11 ' ### Credit: [+] Gucert.ir ================================ thank you for all packetstormsecurity admins d

 

TOP