######################
# Exploit Title : WordPress Video Gallery 2.7 SQL Injection Vulnerabilitiy
# Exploit Author : Claudio Viviani
# Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery
# Software Link : https://downloads.wordpress.org/plugin/contus-video-gallery.2.7.zip
# Dork Google: inurl:/wp-admin/admin-ajax.php?action=rss
# Date : 2015-02-10
# Tested on : Windows 7 / Mozilla Firefox
Linux / Mozilla Firefox ######################
# Vulnerability Disclosure Timeline:
2015-02-08: Discovered vulnerability
2015-02-09: Vendor Notification
2015-02-10: Vendor Response/Feedback 2015-02-10: Vendor Send Fix/Patch 2015-02-10: Public Disclosure # Description
Wordpress Video Gallery 2....
######################
# Exploit Title : WordPress wpDataTables 1.5.3 and below SQL Injection Vulnerability
# Exploit Author : Claudio Viviani # Software Link : http://wpdatatables.com (Premium)
# Date : 2014-11-22
# Tested on : Windows 7 / Mozilla Firefox
Windows 7 / sqlmap (0.8-1)
Linux / Mozilla Firefox
Linux / sqlmap 1.0-dev-5b2ded0
######################
# Description
Wordpress wpDataTables 1.5.3 and below suffers from SQL injection vulnerability
"table_id" variable is not sanitized.
File: wpdatatables....
Info # Exploit Title : Joomla HD FLV Player 2.1.0.1 and below SQL Injection
#
# Exploit Author : Claudio Viviani
#
# Vendor Homepage : http://www.hdflvplayer.net/
#
# Software Link : http://www.hdflvplayer.net/download_count.php?pid=5
#
# Dork google 1: inurl:/component/hdflvplayer/
# Dork google 2: inurl:com_hdflvplayer #
# Date : 2014-11-11
#
# Tested on : BackBox 3.x/4.x
#
# Info: The variable "id" is not sanitized (again)
# Over 80.000 downloads (statistic reported on official site)
#
#
# Video Demo: http://youtu....
######################
# Exploit Title : WordPress CP Multi View Event Calendar 1.01 SQL Injection Vulnerability
# Exploit Author : Claudio Viviani # Software Link : https://downloads.wordpress.org/plugin/cp-multi-view-calendar.zip
# Date : 2014-10-23
# Tested on : Windows 7 / Mozilla Firefox
Windows 7 / sqlmap (0.8-1)
Linux / Mozilla Firefox
Linux / sqlmap 1.0-dev-5b2ded0
######################
# Description
CP Multi View Event Calendar 1.01 suffers from SQL injection vulnerability
calid variable is not sanitized....
claudio@backbox3:~$ ./drupal.py -t http://127.0.0.1/drupal -u 4dm1n -p p4ssw0rd
______ __ _______ _______ _____ | _ \ .----.--.--.-----.---.-| | | _ || _ | _ | |. | \| _| | | _ | _ | | |___| _|___| |.| | |. | |__| |_____| __|___._|__| / |___(__ `-|. | |: 1 / |__| | | |: 1 | |: | |::.. . / | | |::.. . | |::.| `------' `---' `-------' `---' _______ __ ___ __ __ __ | _ ....