6 matches found
WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection
WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/...
WordPress Smart Google Code Inserter SQL Injection
Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: 3.4...
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: 3.4...
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
CVE-2018-3811
The information set confirms CVE-2018-3811 affects the WordPress Oturia Smart Google Code Inserter plugin prior to v3.5. The root cause is an SQL Injection in saveGoogleAdWords() where $_POST["oId"] is unsafely interpolated into an SQL query without prepared statements or input sanitization, allo...
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...