Lucene search
K

6 matches found

exploitpack
exploitpack
added 2018/01/03 12:0 a.m.80 views

WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection

WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/...

7.5CVSS0.9AI score0.91477EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/01/03 12:0 a.m.61 views

WordPress Smart Google Code Inserter SQL Injection

Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: 3.4...

9.2AI score0.91477EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/01/03 12:0 a.m.50 views

WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection

Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: 3.4...

9.8CVSS9.5AI score0.91477EPSS
Exploits6
NVD
NVD
added 2018/01/01 6:29 a.m.30 views

CVE-2018-3811

SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...

9.8CVSS10AI score0.42911EPSS
Exploits5References4
CVE
CVE
added 2018/01/01 6:0 a.m.77 views

CVE-2018-3811

The information set confirms CVE-2018-3811 affects the WordPress Oturia Smart Google Code Inserter plugin prior to v3.5. The root cause is an SQL Injection in saveGoogleAdWords() where $_POST["oId"] is unsafely interpolated into an SQL query without prepared statements or input sanitization, allo...

9.8CVSS9.9AI score0.42911EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2018/01/01 6:0 a.m.40 views

CVE-2018-3811

SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...

10AI score0.42911EPSS
Exploits5References4
Rows per page
Query Builder