Lucene search
K

17 matches found

Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.195 views

WP AutoComplete 1.0.4 - Unauthenticated SQLi

Exploit Title: WP AutoComplete 1.0.4 - Unauthenticated SQLi Date: 30/06/2023 Exploit Author: Matin nouriyan matitanium Version: = 1.0.4 CVE: CVE-2022-4297 Vendor Homepage: https://wordpress.org/support/plugin/wp-autosearch/ Tested on: Kali linux --------------------------------------- The WP...

9.8CVSS9.7AI score0.03595EPSS
Exploits5
WPVulnDB
WPVulnDB
added 2023/05/09 12:0 a.m.20 views

Ultimate Addons for Contact Form 7 < 3.1.24 - Unauthenticated SQLi

The plugin does not properly sanitise and escape the id and formid parameters before using them in a SQL statement, leading to a SQL injection exploitable by unauthenticated users...

8AI score0.00652EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2023/04/24 6:30 p.m.27 views

CVE-2023-1020 Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated SQLi

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

10AI score0.0499EPSS
Exploits2References1
wpexploit
wpexploit
added 2023/02/20 12:0 a.m.155 views

10WebMapBuilder < 1.0.73 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection Note: /2022/12/29/map/ is page/post where the GoogleMapsWD is embed POST /2022/12/29/map/ HTTP/1.1 Content-Type:...

9.8CVSS9.6AI score0.03911EPSS
Exploits2References1
Metasploit
Metasploit
added 2023/01/19 7:51 p.m.280 views

Wordpress Paid Membership Pro code Unauthenticated SQLi

Paid Membership Pro, a WordPress plugin, prior to 2.9.8 is affected by an unauthenticated SQL injection via the code parameter. Remote attackers can exploit this vulnerability to dump usernames and password hashes from the wpusers table of the affected WordPress installation. These password hashe...

9.8CVSS9.8AI score0.9246EPSS
Exploits6
wpexploit
wpexploit
added 2022/12/12 12:0 a.m.643 views

WP AutoComplete Search <= 1.0.4 - Unauthenticated SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unauthenticated SQL injection Extract the nonce from the index page search for "wpautosearchconfig", look for the "nonce" field Invoke the following...

9.8CVSS1.9AI score0.03595EPSS
Exploits5
WPVulnDB
WPVulnDB
added 2022/10/17 12:0 a.m.19 views

WooCommerce Dropshipping < 4.4 - Unauthenticated SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection PoC curl -isk -X 'POST' -H "Content-Type: application/json" --data '"sku":"a" AND SELECT 42 FROM SELECTSLEEP5wlHd--...

9.8CVSS2.3AI score0.03686EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/10/10 12:0 a.m.106 views

AWP Classifieds Plugin < 4.3 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection To read the userlogin and userpass columns from the wpusers table:...

9.8CVSS2.8AI score0.05103EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.20 views

KiviCare < 2.3.9 - Unauthenticated SQLi

The plugin does not sanitise and escape some parameters before using them in SQL statements via the ajaxpost AJAX action with the getdoctordetails route, leading to SQL Injections exploitable by unauthenticated users PoC With at least one doctor created via the plugin: v 2.3.4 curl...

9.8CVSS2.8AI score0.11485EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/05/09 12:0 a.m.134 views

CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi

The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack On a page where the codepeople-image-store is embed, append the following...

9.8CVSS1.6AI score0.1036EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/04/25 3:51 p.m.33 views

CVE-2022-0657 5 Stars Rating Funnel < 1.2.53 - Unauthenticated SQLi

The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtnggdeleteleads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection...

10AI score0.01743EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/04/18 12:0 a.m.119 views

Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections curl https://example.com/wp-admin/admin-ajax.php \ --data...

9.8CVSS1.4AI score0.09495EPSS
Exploits2
wpexploit
wpexploit
added 2022/04/12 12:0 a.m.103 views

Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi

The plugin does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection curl 'http://example.com/?restroute=/olistener/new' --data '"id":" SELECT SLEEP3"' -H 'content-type: application/json'...

9.8CVSS2.5AI score0.09999EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/04/05 12:0 a.m.121 views

Documentor <= 1.5.3 - Unauthenticated SQLi

The plugin fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users. curl https://example.com/wp-admin/admin-ajax.php --data 'action=docsearchresults&term=&docid=1 AND SELECT 628...

9.8CVSS1.4AI score0.42764EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/03/29 12:0 a.m.20 views

5 Stars Rating Funnel < 1.2.53 - Unauthenticated SQLi

Description The plugin does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtnggdeleteleads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue. There is an attempt to sanitise the input, using...

9.8CVSS10AI score0.01743EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/02/28 12:0 a.m.9 views

NotificationX < 2.3.12 - Unauthenticated SQLi

The plugin does not validate and escape the id parameter in its notificationx/v1/notification REST endpoint before using it in a SQL statement, which could allow unauthenticated attackers to perform SQL Injection attacks. PoC The apikey is the md5 of the homeurl either with http or https protocol...

2.1AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2015/12/03 12:0 a.m.23 views

Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection Vulnerability

Exploit for windows platform in category remote exploits Exploit Title: Sysaid Helpdesk Software Unauthenticated SQLi Date: 28.11.2015 Exploit Author: hland Vendor Homepage: https://www.sysaid.com/ Version: v14.4.32 b25 Tested on: Windows 7, Windows 10 Blog post:...

7.1AI score
Exploits0
Rows per page
Query Builder