CVEs-PoC/2020/CVE-2020-12104.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 19:17:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation.

POC

Reference

https://wpvulndb.com/vulnerabilities/10199

Github

https://github.com/Alkeraithe/Exploits

687 B Raw Blame History

CVE-2020-12104

Description

POC

Reference

Github

687 B

Raw Blame History