4 matches found
SQL Injection in search function
Description: In the search function, with options recentplayed, user input is taken directly into the query without being included in the prepare statement. Proof of Concept: POST /ampache-5.5.6allphp7.4/public/search.php?type=song HTTP/1.1 Host: localhost:8888 User-Agent: Mozilla/5.0...
VulnCheck KEV: CVE-2017-14723
Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks...
WordPress Mingle Forum plugin <= 1.0.31 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Mingle Forum plugin <= 1.0.31 SQL Injection Vulnerability Date: 2011-09-19 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/mingle-forum.1.0.31.zip Version: 1.0.31 tested...
WordPress Mingle Forum 1.0.31 SQL Injection
Exploit Title: WordPress Mingle Forum plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0 e.g. curl --data "wpfsecuritycheck=MhWNow%3D%3D&wpfsecuritycode=fail&editpostsubmit=1&message=test&editpostsubject=test&threadid=1&editpostid=-1 AND...