cve/CVE-2019-20361.md at 410e68ca9dddb67493d84ae4fe8e1a9e392594db

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).

POC

Reference

http://packetstormsecurity.com/files/158568/WordPress-Email-Subscribers-And-Newsletters-4.2.2-SQL-Injection.html
http://packetstormsecurity.com/files/158568/WordPress-Email-Subscribers-And-Newsletters-4.2.2-SQL-Injection.html
https://wpvulndb.com/vulnerabilities/9947
https://wpvulndb.com/vulnerabilities/9947

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Shamsuzzaman321/Wordpress-Exploit-AiO-Package
https://github.com/jerrylewis9/CVE-2019-20361-EXPLOIT

1.0 KiB Raw Blame History

CVE-2019-20361

Description

POC

Reference

Github

1.0 KiB

Raw Blame History