Sonny Gonzalez – Noise https://noise.getoto.net The collective thoughts of the interwebz Fri, 27 Aug 2021 19:03:42 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.2 Metasploit Wrap-Up https://noise.getoto.net/2021/08/27/metasploit-wrap-up-21/ Fri, 27 Aug 2021 19:03:42 +0000 http://noise.getoto.net/?guid=85c739bc95d61bf1e93c9617469f50c1

LearnPress authenticated SQL injection

Metasploit contributor h00die added a new module that exploits CVE-2020-6010, an authenticated SQL injection vulnerability in the WordPress LearnPress plugin. When a user is logged in with contributor privileges or higher, the id parameter can be used to inject arbitrary code through an SQL query. This

]]> Metasploit Wrap-Up https://noise.getoto.net/2021/01/08/metasploit-wrap-up-2/ Fri, 08 Jan 2021 19:54:36 +0000 http://noise.getoto.net/?guid=5482ac1594c82a230828023816657b57