Wso Shell
Giriş Yap/Üye Ol
reklam

Etiket: WordPress Plugin stafflist 3.1.2 - SQLi

WordPress Plugin stafflist 3.1.2 - SQLi

WSO SHELL Expoilt 18.May.2022 124 görüntülenme 0 yorum
indir
# Exploit Title: WordPress Plugin stafflist 3.1.2 - SQLi (Authenticated) # Date: 05-02-2022 # Exploit Author: Hassan Khan Yusufzai - Splint3r7 # Vendor Homepage: https://wordpress.org/plugins/stafflist/ # Version: 3.1.2 # Tested on: Firefox # Contact me: h [at] spidersilk.com # Vulnerable Code: $w = (isset($_GET['search']) && (string) trim($_GET['search'])!="" ? ... $where = ($w ? "WHERE LOWER(lastname) LIKE '%{$w}%' OR LOWER(firstname) LIKE '%{$w}%' OR LOWER(department) LIKE '...