7 matches found
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to getscript/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user...
WordPress ChopSlider3 id SQLi Scanner
The iDangero.us Chop Slider 3 WordPress plugin version 3.4 and prior contains a blind SQL injection in the id parameter of the getscript/index.php page. The injection is passed through GET parameters, and thus must be encoded, and magicquotes is applied at the server. Module Options msf use...
WordPress ChopSlider3 3.4 SQL Injection
Exploit Title: ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research Google Dork: N/A Date: 2020-05 -12 Vendor Homepage: https://idangero.us/ Software Link: https://github.com/idangerous/Plugins Version: getrow'SELECT FROM ' . CHOPSLIDERTABLENAME...
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to getscript/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user...
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to getscript/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user...
CVE-2020-11530
Affected software : WordPress Chop Slider 3 plugin (Chop Slider 3). Vulnerability : blind SQL injection in the id parameter of get_script/index.php. Root cause / vector : the id GET parameter is used in a SQL query without proper handling, allowing arbitrary SQL execution in the WP database conte...
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to getscript/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user. Recent assessments: h00die ...