exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Hacker5preme

Wordpress RegistrationMagic Task_ids Authenticated SQL Injection

Posted Sep 1, 2024

Authored by h00die, Hacker5preme | Site metasploit.com

RegistrationMagic, a WordPress plugin, prior to 5.0.1.5 is affected by an authenticated SQL injection via the task_ids parameter.

tags | exploit, sql injection

advisories | CVE-2021-24862

SHA-256 | 1a580e447f3469ec25a634735f3ea21fb9756b92a3c75631271cbb832da6c3fd

Download | Favorite | View

Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection

Posted Sep 1, 2024

Authored by h00die, Hacker5preme, Krzysztof Zając | Site metasploit.com

Secure Copy Content Protection and Content Locking, a WordPress plugin, prior to 2.8.2 is affected by an unauthenticated SQL injection via the sccp_id[] parameter. Remote attackers can exploit this vulnerability to dump usernames and password hashes from thewp_users table of the affected WordPress installation. These password hashes can then be cracked offline using tools such as Hashcat to obtain valid login credentials for the affected WordPress installation.

tags | exploit, remote, sql injection

advisories | CVE-2021-24931

SHA-256 | a16f33882a4042dbb5483766850b39941b6501b9b0173d5fdf5fb279b10a5e47

Download | Favorite | View

WordPress Modern Events Calendar SQL Injection Scanner

Posted Sep 1, 2024

Authored by h00die, red0xff, Hacker5preme | Site metasploit.com

Modern Events Calendar plugin contains an unauthenticated timebased SQL injection in versions before 6.1.5. The time parameter is vulnerable to injection.

tags | exploit, sql injection

advisories | CVE-2021-24946

SHA-256 | 982d4d258c486cd930bfa6a8ab9aa9156ad56e14deb8a20ab4d8c1bd29c21177

Download | Favorite | View