Lucene search
+L

8 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.264 views

Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Secure Copy Content Protection and Content Locking sccpid Unauthenticated SQLi', 'Description' = %q Secure Copy Content Protection and...

9.8CVSS7.4AI score0.78812EPSS
Exploits7
Rapid7 Blog
Rapid7 Blog
added 2022/03/04 9:52 p.m.286 views

Metasploit Weekly Wrap-Up

This week’s Metasploit Framework release brings us seven new modules. IP Camera Exploitation Rapid7’s Jacob Baines was busy this week with two exploit modules that target IP cameras. The first module exploits an authenticated file upload on Axis IP cameras. Due to lack of proper sanitization, an...

9.3CVSS0.99869EPSS
Exploits216
Metasploit
Metasploit
added 2022/02/25 5:43 p.m.203 views

Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi

Secure Copy Content Protection and Content Locking, a WordPress plugin, prior to 2.8.2 is affected by an unauthenticated SQL injection via the sccpid parameter. Remote attackers can exploit this vulnerability to dump usernames and password hashes from thewpusers table of the affected WordPress...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/02/10 12:0 a.m.314 views

WordPress Secure Copy Content Protection And Content Locking 2.8.1 SQL Injection

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS0.2AI score0.78812EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.330 views

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
Circl
Circl
added 2021/12/06 6:20 p.m.78 views

CVE-2021-24931

creationtimestamp| type| source ---|---|--- 2021-12-06 18:20:47+00:00| seen| https://t.me/cibsecurity/33377 2022-02-24 22:14:11+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wpsecurecopycontentprotectionsqli.rb 2023-04-27 09:58:59+00:00|...

9.8CVSS8.4AI score0.78812EPSS
In wildExploits7References6
Cvelist
Cvelist
added 2021/12/06 3:55 p.m.60 views

CVE-2021-24931 Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection

The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection...

10AI score0.78812EPSS
Exploits7References2
CVE
CVE
added 2021/12/06 3:55 p.m.134 views

CVE-2021-24931

The WordPress plugin Secure Copy Content Protection and Content Locking (versions before 2.8.2) is affected by an SQL injection due to unsafely using the sccp_id parameter of the ays_sccp_results_export_file AJAX action. The vulnerability is exploitable by unauthenticated users and can lead to un...

9.8CVSS9.7AI score0.78812EPSS
In wildExploits7References2Affected Software1
Rows per page
Query Builder