Lucene search
K

6 matches found

Metasploit
Metasploit
added 2020/11/05 5:41 p.m.135 views

WordPress Loginizer log SQLi Scanner

Loginizer wordpress plugin contains an unauthenticated timebased SQL injection in versions before 1.6.4. The vulnerable parameter is in the log parameter. Wordpress has forced updates of the plugin to all servers Module Options msf use auxiliary/scanner/http/wploginizerlogsqli msf...

9.8CVSS9.7AI score0.53619EPSS
Exploits4
Check Point Advisories
Check Point Advisories
added 2020/10/26 12:0 a.m.38 views

WordPress Loginizer Plugin SQL injection (CVE-2020-27615)

An SQL injection vulnerability exists in WordPress Loginizer Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

7.5CVSS3.2AI score0.53619EPSS
Exploits4
Circl
Circl
added 2020/10/22 12:51 a.m.28 views

CVE-2020-27615

creationtimestamp| type| source ---|---|--- 2020-10-22 00:51:26+00:00| seen| https://t.me/cibsecurity/15509 2020-11-05 14:43:56+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wploginizerlogsqli.rb 2025-02-06 03:13:44+00:00| seen|...

9.8CVSS8.7AI score0.53619EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2020/10/22 12:0 a.m.156 views

WordPress Loginizer plugin < 1.6.4 blind SQLi (CVE-2020-27615)

The Loginizer Plugin for WordPress running on the remote web server is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this issue to inject or manipulate SQL queries in the back-end database, resulting ...

9.8CVSS8.7AI score0.53619EPSS
Exploits4References3
NVD
NVD
added 2020/10/21 9:15 p.m.49 views

CVE-2020-27615

The Loginizer plugin before 1.6.4 for WordPress allows SQL injection with resultant XSS, related to loginizerloginfailed and lzvalidip...

9.8CVSS0.53619EPSS
Exploits4References4
CVE
CVE
added 2020/10/21 8:7 p.m.117 views

CVE-2020-27615

The CVE-2020-27615 entry concerns the WordPress Loginizer plugin prior to 1.6.4. Affected component: loginizer_log or related backend SQL paths in the plugin. Root cause: unauthenticated SQL injection due to improper input handling (noted as via the log parameter, loginizer_login_failed, and lz_v...

9.8CVSS9.8AI score0.53619EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder