26 lines | ISO-8859-1 | 883 bytes


There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability). This script is a "sanized-version" of original script avalible on exploit-db.com created by @KBA@SOGETI_ESEC ,the original version was sanized on RaidForums.com



> $ git clone https://github.com/jerrylewis9/CVE-2019-20361-EXPLOIT.git
> $ cd CVE-2019-20361-EXPLOIT
> $ chmod +x noodles.sh
> $ bash noodles.sh "url"


sqlmap (https://github.com/sqlmapproject/sqlmap)

#The script recognize sqlmap, not sqlmap.py or similiar, so move sqlmap to bin directory.

Please wait...
Page is in error, reload to recover