Good LMS < 2.1.5 - Unauthenticated SQL Injection

The Good LMS WordPress plugin was vulnerable to Unauthenticated SQL Injection in its 'id' parameter of the gdlrlmscancelbooking action. POST /wp-admin/admin-ajax.php HTTP/1.1 action=gdlrlmscancelbooking&id=SELECT 1337 FROM SELECTSLEEP10MrMV...

Wordpress Plugin Good LMS 2.1.4 - &#039;id&#039; Unauthenticated SQL Injection

Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection Software Link: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850 Version: prefix . 'gdlrpayment '; 688- $sql .= 'WHERE id=' . $POST'id' . ' AND '; 689- $sql .=...

WordPress Learning Management System Plugin - course_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Good LMS - Learning Management System WP Plugin SQL Injection Exploit Author Web Site: http://esecurity.ir Special Thanks : Meisam Monsef email protected - Telegram ID : @meisamrce Vendor Homepage: https://goodlayers.com/ Versio...

WordPress Good LMS SQL Injection

Exploit Title: Good LMS - Learning Management System WP Plugin SQL Injection Date: 2018-01-24 Exploit Author: Esecurity.ir Exploit Author Web Site: http://esecurity.ir Special Thanks : Meisam Monsef [email protected] - Telegram ID : @meisamrce Vendor Homepage: https://goodlayers.com/ Version: A...