File tree Expand file tree Collapse file tree 1 file changed +15
-9
lines changed
documentation/modules/auxiliary/scanner/http Expand file tree Collapse file tree 1 file changed +15
-9
lines changed Original file line number Diff line number Diff line change 1- ## Description
1+ ## Vulnerable Application
2+
23This module will scan given instances for an unauthenticated SQL injection
34within the CP Multi-View Calendar plugin v1.1.4 for Wordpress.
45
56## References
67* [ https://wordpress.org/plugins/cp-multi-view-calendar/ ]
78
8- ## Vulnerable Application
9-
109### Setup using Docksal
1110Install [ Docksal] ( https://docksal.io/ )
1211
@@ -86,13 +85,20 @@ pass: admin
8685
8786## Verification Steps
8887
89- 1 . Do: ``` use auxiliary/scanner/http/press_cp_calendar_sqli `` `
90- 2 . Do: ``` set RHOSTS [IP] `` `
91- 3 . Do: ``` set VHOST [HOSTNAME] `` `
92- 4 . Do: ``` run `` `
88+ 1 . Do: ` use auxiliary/scanner/http/press_cp_calendar_sqli `
89+ 2 . Do: ` set RHOSTS [IP] `
90+ 3 . Do: ` set VHOST [HOSTNAME] `
91+ 4 . Do: ` run `
9392
9493## Options
9594
96- ### TARGETURI**
9795
98- Target URI of the Wordpress instance
96+ ## Scenarios
97+
98+ ```
99+ msf auxiliary(wordpress_cp_calendar_sqli) > run
100+
101+ [+] 10.211.55.4:80 - Vulnerable to unauthenticated SQL injection within CP Multi-View Calendar 1.1.4 for Wordpress
102+ [*] Scanned 1 of 1 hosts (100% complete)
103+ [*] Auxiliary module execution completed
104+ ```
You can’t perform that action at this time.
0 commit comments