WordPress CP Reservation Calendar...

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

<p># Exploit Title: WordPress: cp-reservation-calendar 1.1.6&nbsp; SQLi injection]</p><p># Date: 2015-09-15</p><p># Google Dork: Index of /wp-content/plugins/cp-reservation-calendar/</p><p># Exploit Author: Joaquin Ramirez Martinez [ i0akiN SEC-LABORATORY ]</p><p># Software Link: <a href="https://downloads.wordpress.org/plugin/cp-reservation-calendar.zip">https://downloads.wordpress.org/plugin/cp-reservation-calendar.zip</a></p><p># Version: 1.1.6</p><p># OWASP Top10: A1-Injection</p><p>在WordPress cp reservation calendar Plugin v1.6插件中存在sql注入</p><p>漏洞文件:dex_reservations.php</p><p>&nbsp;</p><p>The security risk of the sql injection vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.6.</p><p>Exploitation of the remote sql injection web vulnerability requires no user interaction or privilege web-application user account.</p><p>Successful exploitation of the remote sql injection results in database management system, web-server and...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息