Tags archives: sqlmap

 

 

 

 

 

 

0

WordPress Booking Calendar Contact Form 1.0.2 XSS / SQL Injection

# Exploit Title: WordPress Booking Calendar Contact Form 1.0.2[Multiple vulnerabilities] # Date: 2015-05-01 # Google Dork: Index of /wordpress/wp-content/plugins/booking-calendar-contact-form/ # Exploit Author: Joaquin Ramirez Martinez [ i0akiN SEC-LABORATORY ] # Software Link: http://wordpress.dwbooster.com/calendars/booking-calendar-contact-form # Vendor: CodePeople.net # Vebdor URI: http://codepeople.net # Version: 1.0.2 # OWASP Top10: A1-Injection # Tested on: windows 7 ultimate + firefox [...]

 

0

WordPress NEX-Forms 3.0 SQL Injection inurlbr

# AUTOR SCRIPT: Cleiton Pinheiro / Nick: googleINURL # Exploit name: MINI 3xplo1t-SqlMap - WordPress NEX-Forms 3.0 SQL Injection Vulnerability # Type: SQL Injection # Email: inurlbr@gmail.com # Blog: http://blog.inurl.com.br # Twitter: https://twitter.com/googleinurl # Fanpage: https://fb.com/InurlBrasil # Pastebin http://pastebin.com/u/Googleinurl # GIT: https://github.com/googleinurl # PSS: http://packetstormsecurity.com/user/googleinurl # YOUTUBE: http://youtube.com/c/INURLBrasil # PLUS: http://google.com/+INURLBrasil # Who Discovered http://www.homelab.it/index.php/2015/04/21/wordpress-nex-forms-sqli [...]

 

0

WordPress NEX-Forms 3.0 SQL Injection SQLMAP

######################   # Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability   # Exploit Author : Claudio Viviani   # Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 (Full HomelabIT Vulns Archive)     # Vendor Homepage : https://wordpress.org/plugins/nex-forms-express-wp-form-builder/   # Software Link : https://downloads.wordpress.org/plugin/nex-forms-express-wp-form-builder.3.0.zip   # Dork Google: inurl:nex-forms-express-wp-form-builder # index of nex-forms-express-wp-form-builder   # Date : 2015-03-29 [...]

 

0

CMS 2.1.1 SQL Injection

# SQL Injection on @CMS 2.1.1 Stable # Risk: High # CWE number: CWE-89 # Date: 22/08/2014 # Vendor: www.atcode.net # Author: Felipe " Renzi " Gabriel # Contact: renzi@linuxmail.org # Tested on: Linux Mint # Vulnerable File: articles.php # Exploit: http://host/articles.php?cat_id=[SQLI] # PoC: http://carla-columna.de/articles.php?cat_id=[SQLI]     --- "SQLi using sqlmap."---   Place: GET Parameter: [...]

 

0

[Pentesting]SQLMap: Hackerare un sito con SQLmap