WordPress Advanced Page Visit Counter <= 6.1.5 - Blind SQL Injection (SQLi) vulnerability

Blind SQL Injection SQLi vulnerability discovered by Krzysztof Zając in WordPress Advanced Page Visit Counter versions = 6.1.5. Solution Update the WordPress Advanced Page Visit Counter – Most Advanced WordPress Visit Counter Plugin to the latest available version at least 6.1.6...

Advanced Page Visit Counter < 6.1.6 - Subscriber+ Blind SQL injection

The plugin does not escape the artID parameter before using it in a SQL statement in the apvcresetcountart AJAX action, available to any authenticated user, leading to a SQL injection v = 5.0.8 - https://example.com/wp-admin/admin-ajax.php?action=apvcresetcountart&artID=sleep10 v 6.1.6 -...

Online Sports Complex Booking System 1.0 SQL Injection

Exploit Title: Online Sports Complex Booking System - 'id' Blind SQL Injection Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html...

CVE-2022-0842

A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a remote authenticated attacker to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to obtain sensitive data...

CVE-2022-0842

CVE-2022-0842 affects McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13. The vulnerability is a blind SQL injection in ePO, which could let a remote authenticated attacker obtain information from the ePO database. The amount of data potentially exposed depends on the attacker’s...

CVE-2021-45821

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...

CVE-2021-45821

Xbtit 3.1 is affected by a blind SQL injection in the sid parameter of ajaxchat/getHistoryChatData.php, exploitable by registered users. The vulnerability arises from a missing filter/escape for SQL statements, enabling extraction of sensitive data (e.g., usernames and passwords) and, in some cas...

CVE-2021-43969

The CVE-2021-43969 entry concerns Quicklert for Digium 10.0.0 (1043). The vulnerability is a SQL injection in login.jsp (uname parameter) that enables Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Impact described in sources is disclosure of all data ...

Sql injection

The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the order and orderby parameters to the ajaxfetchreportlist action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protecti...

CVE-2022-0439

CVE-2022-0439 affects the Email Subscribers & Newsletters WordPress plugin prior to 5.3.2. The vulnerability arises from improper escaping of the order and orderby parameters in the ajax_fetch_report_list action, enabling blind SQL injection. CSRF protection is also absent for this action, allowi...

CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection

The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nxid parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection...

PT-2022-13184

Name of the Vulnerable Software and Affected Versions Email Subscribers & Newsletters WordPress plugin versions prior to 5.3.2 Description The issue concerns a blind SQL injection vulnerability due to incorrect escaping of the order and orderby parameters in the ajax fetch report list action. Thi...

Metasploit Weekly Wrap-Up

Nagios XI web shell upload module New this week is a Nagios Web Shell Upload module from Rapid7' own Jake Baines, which exploits CVE-2021-37343. This module builds upon the existing Nagios XI scanner written by Erik Wynter. Versions of Nagios XI prior to 5.8.5 are vulnerable to a path traversal...

Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump

This module uses a blind SQL injection CVE-2020-5724 affecting the Grandstream UCM62xx IP PBX to dump the users table. The injection occurs over a websocket at the websockify endpoint, and specifically occurs when the user requests the challenge as part of a challenge and response authentication...

WP Statistics < 13.1.6 - Unauthenticated Blind SQL Injection via current_page_type

The is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpagetype parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information...

WP Statistics < 13.1.6 - Unauthenticated Blind SQL Injection via current_page_id

The plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpageid parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information...

WordPress WP Statistics plugin <= 13.1.5 - Unauthenticated Blind SQL Injection (SQLi) vulnerability

Unauthenticated Blind SQL Injection SQLi vulnerability via currentpageid discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress WP Statistics plugin versions = 13.1.5. Solution Update the WordPress WP Statistics plugin to the latest available version at least 13.1.6...

CVE-2022-24226

Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php...

Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection

The plugin does not correctly escape the order and orderby parameters to the ajaxfetchreportlist action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protection in place for the action, allowing an attacker to tri...

Home Owners Collection Management System 1.0 SQL Injection

Exploit Title: Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...