Sql injection

The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed...

Debian: Security Advisory (DLA-2824-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2824-1] firebird3.0 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2824-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 20, 2021 https://wiki.debian.org/LTS -...

StopBadBots < 6.67 - Unauthenticated SQL Injection

The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection PoC GET / HTTP/1.1 User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- - Accept:...

CVE-2021-24625

The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category...

Sql injection

The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category...

CVE-2021-24791 Header Footer Code Manager < 1.1.14 - Admin+ SQL Injections

The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections...

CVE-2021-24625 SpiderCatalog <= 1.7.3 - Admin+ SQL Injection

The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category...

Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection

The plugin does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection. PoC...

WordPress MainWP Child Reports plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress MainWP Child Reports plugin has a SQL injection vulnerability in versions prior to 2.0.8, which stems...

Download Monitor < 4.4.5 - Admin+ SQL Injection

The plugin does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue PoC There need to be at least one log for the payload to trigger...

Stream < 3.8.2 - Admin+ SQL Injection

The plugin does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue. PoC https://example.com/wp-admin/admin.php?page=wpstream=+AND+SELECT+9940+FROM+SELECTSLEEP5vqNl...

Sql injection

The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an orderid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors...

Sql injection

A proid GET parameter of the WordPress支付�Alipay|财付通Tenpay|��PayPal集��件 WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection...

CVE-2021-24393 Comment Highlighter <= 0.13 - Authenticated SQL Injection

A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...

4images 1.8 SQL Injection

Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...

CVE-2021-24507 Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection

The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astrapaginationinfinite and astrashoppaginationinfinite AJAX action available to both unauthenticated and authenticated user before using them in SQL statement, leading to an...

PT-2021-7495 · Mariadb +10 · Mariadb Server +10

Name of the Vulnerable Software and Affected Versions: MariaDB Server versions 10.6 and below Description: The issue is related to an use-after-free in the my strcasecmp 8bit component of MariaDB Server, which can be exploited through specially crafted SQL statements, potentially allowing a remot...

WordPress Secure Copy Content Protection Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.Secure Copy Content Protection plugin is an application plugin for WordPress. A SQL injection vulnerability exists in...

WordPress Sendit WP Newsletter plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Sendit WP Newsletter plugin 2.5.1 and earlier...