========Ocim MP3 Plugin SQL Injection Vulnerability========:----------------------------------------------------------------------------------------------------:: # Exploit Title : Ocim MP3 Plugin SQL Injection Vulnerability: # Date : 26 February 2016: # Author : xevil and Blankon33: # Vendor Site: http://www.ocimscripts.com/: # Version:: # Vulnerability : SQL Injection: # Tested on : Wordpress 4.4.2: # Severity : High:----------------------------------------------------------------------------------------------------:Summary========Ocim MP3 is Plugin to make MP3 Grabber site based on Wordpress.Proof of Concept========Infected URL:http://[Site]/[Path]/wp-content/plugins/ocim-mp3/source/pages.php?id=['SQLi]Admin Panel:http://[Site]/[Path]/oc-login.php===========Thanks to===========All Indonesian Hacker!!
Source: exploit-db.com
0 comments:
Post a Comment