CVE-2021-24915 PoC — WordPress SQL注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-24915.yaml

Associated Vulnerability

Title:WordPress SQL注入漏洞 (CVE-2021-24915)
Description:WordPress是WordPress（Wordpress）基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress 的Contest Gallery 插件 13.1.0.6之前版本存在SQL注入漏洞，该漏洞源于插件没有功能检查，在从库中导出用户时，在SQL语句中使用cg search用户名原始参数之前，没有对其进行清理或转义，攻击者可利用该漏洞执行SQL注入攻击，以及获取所有在博客上注册的用户的列表，包括他们的用户名和电子邮件地址。

Description

The plugin does not have capability checks and does not sanitise or escape the cg-search-user-name-original parameter before using it in a SQL statement when exporting users from a gallery, which could allow unauthenticated to perform SQL injections attacks, as well as get the list of all users registered on the blog, including their username and email address.

File Snapshot


 id: CVE-2021-24915

info:
  name: Contest Gallery < 13.1.0.6 - SQL injection
  author: r3Y3r53
  sev

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!