sqlmap

WordPress wpDataTables SQL Injection Vulnerability

###################### # Exploit Title : WordPress wpDataTables 1.5.3 and below SQL Injection Vulnerability # Exploit Author : Claudio Viviani # Software Link : http://wpdatatables.com (Premium) # Date : 2014-11-22 # Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (0.8-1) Linux / Mozilla Firefox Linux / sqlmap 1.0-dev-5b2ded0 ###################### # Description Wordpress wpDataTables 1.5.3 and below suffers from SQL injection vulnerability "table_id" variable is not sanitized. File: wpdatatables....

Joomla HD FLV Player SQL Injection Vulnerability

Info # Exploit Title : Joomla HD FLV Player 2.1.0.1 and below SQL Injection # # Exploit Author : Claudio Viviani # # Vendor Homepage : http://www.hdflvplayer.net/ # # Software Link : http://www.hdflvplayer.net/download_count.php?pid=5 # # Dork google 1: inurl:/component/hdflvplayer/ # Dork google 2: inurl:com_hdflvplayer # # Date : 2014-11-11 # # Tested on : BackBox 3.x/4.x # # Info: The variable "id" is not sanitized (again) # Over 80.000 downloads (statistic reported on official site) # # # Video Demo: http://youtu....

WordPress Spider Facebook 1.0.8 Authenticated SQL Injection

###################### # Exploit Title : WordPress Spider Facebook 1.0.8 Authenticated SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://downloads.wordpress.org/plugin/spider-facebook.1.0.8.zip # Date : 2014-08-25 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox # Linux / sqlmap 1.0-dev-5b2ded0 ###################### # Location : http://localhost/wp-content/plugins/plugins/spider-facebook/facebook.php ###################### # Vulnerable code : function Spider_Facebook_manage() { require_once("facebook_manager.php"); require_once("facbook_manager.html.php"); if(!function_exists ('print_html_nav' )) require_once("nav_function/nav_html_func....

WordPress GB Gallery Slideshow 1.5 Authenticated SQL Injection

###################### # Exploit Title : WordPress GB Gallery Slideshow 1.5 Authenticated SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://gb-plugins.com/ # Software Link : http://downloads.wordpress.org/plugin/gb-gallery-slideshow.1.5.zip # Date : 2014-08-09 # Tested on : Linux / sqlmap 1.0-dev-5b2ded0 Linux / Mozilla Firefox ###################### # Location : http://localhost/wp-content/plugins/gb-gallery-slideshow/GBgallery.php ###################### # Vulnerable code : if(isset($_POST['selected_group'])){ global $gb_post_type, $gb_group_table, $wpdb; $my_group_id = $_POST['selected_group']; $my_group = $wpdb->get_results( "SELECT groups FROM $gb_group_table WHERE id = "....