.. | |||
README.md | Loading last commit info... | ||
noodles.sh |
README.md
CVE-2019-20361-EXPLOIT
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability). This script is a "sanized-version" of original script avalible on exploit-db.com created by @KBA@SOGETI_ESEC ,the original version was sanized on RaidForums.com
COMMAND
> $ git clone https://github.com/jerrylewis9/CVE-2019-20361-EXPLOIT.git
> $ cd CVE-2019-20361-EXPLOIT
> $ chmod +x noodles.sh
> $ bash noodles.sh "url"
PREREQUISITE
sqlmap (https://github.com/sqlmapproject/sqlmap)
#The script recognize sqlmap, not sqlmap.py or similiar, so move sqlmap to bin directory.