CVE-2018-25347

The vulnerability affects WordPress WordPress Contact Form Maker Plugin 1.12.20. It exposes SQL injection in the FormMakerSQLMapping and generete_csv_fmc AJAX actions, allowing an authenticated attacker to manipulate database queries via the name and search_labels parameters to potentially extrac...

EUVD-2018-21866

WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generetecsv actions. Attackers can submit POST requests with malicious SQL payloads in t...

WordPress plugin Contact Form Maker SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

Joomla FormMaker Component - SQL Injection Vulnerability

Usage Info python sqlmap.py -u "http://localhost/index.php?option=comformmaker&view=formmaker&id=-5653&Itemid=45" --dbs Exploit Title: Joomla FormMaker Component - SQL Injection Vulnerability Google Dork: Y0ur Brain Date: 28.03.2015 Exploit Author: CrashBandicot @DosPerl Vendor HomePage:...