CVEs-PoC/2017/CVE-2017-6096.md

CVE-2017-6096

Description

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.

POC

Reference

• https://wpvulndb.com/vulnerabilities/8740
• https://wpvulndb.com/vulnerabilities/8740
• https://www.exploit-db.com/exploits/41438/
• https://www.exploit-db.com/exploits/41438/

Github

• https://github.com/El-Palomo/SYMFONOS
• https://github.com/vshaliii/Symfonos1-Vulnhub-walkthrough