Dokan Pro Unauthenticated SQL Injection POC | CVSS 10
by Loki - Monday July 8, 2024 at 02:16 PM
The God of Stories
user_229941
Posts: 2,445
Threads: 64
Joined: Jun 2024
Reputation: 1,757

ActiveShoutbox AddictGamer
#1
07-08-2024, 02:16 PM
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

POC:
Hidden Content
You must register or login to view this content.


Omnicer
[Image: e47c91a87cc521d1efbd20183b42ee4259c9c593.gifv]
PGP
Reply
Breached
Member
Posts: 27
Threads: 4
Joined: Jun 2024
Reputation: 0
#2
07-08-2024, 02:19 PM
Thank you, I will try it
Reply
Uber User

Posts: 273
Threads: 13
Joined: Mar 2024
Reputation: 29

YouTube
#3
07-08-2024, 02:24 PM
Learning SQL for ethical purpose
Reply
Encrypted Content Curator
user_182846
Posts: 43
Threads: 9
Joined: Apr 2024
Reputation: 762

HackerYouTubeTwitter
#4
07-08-2024, 02:34 PM
inurl:/wp-content/plugins/dokan-pro

intitle:"Dokan Pro" inurl:/wp-content/plugins
[Image: facebook.jpg]
Website
Reply
The God of Stories
user_229941
Posts: 2,445
Threads: 64
Joined: Jun 2024
Reputation: 1,757

ActiveShoutbox AddictGamer
#5
07-08-2024, 03:01 PM
(07-08-2024, 02:34 PM)DoingFedTime Wrote: inurl:/wp-content/plugins/dokan-pro

intitle:"Dokan Pro" inurl:/wp-content/plugins

good ol' google dorks!

OR

we can use censys search with something like

"dokan pro" and labels= `wordpress`

and fetch all the servers that are using that plugin.

then sort by the last modified date to weed out the patched servers.
[Image: e47c91a87cc521d1efbd20183b42ee4259c9c593.gifv]
PGP
Reply
Encrypted Content Curator
user_182846
Posts: 43
Threads: 9
Joined: Apr 2024
Reputation: 762

HackerYouTubeTwitter
#6
07-08-2024, 03:41 PM
@Lokie Yes, thank you for passively pointing out that I'm old hahahahahhahaha
This and Shodan as well; I'm just old school. Smile
[Image: facebook.jpg]
Website
Reply
The God of Stories
user_229941
Posts: 2,445
Threads: 64
Joined: Jun 2024
Reputation: 1,757

ActiveShoutbox AddictGamer
#7
07-08-2024, 04:06 PM
@DoingFedTime tbh when everything fails, google dorks win
[Image: e47c91a87cc521d1efbd20183b42ee4259c9c593.gifv]
PGP
Reply
VIP User
VIP
Posts: 57
Threads: 26
Joined: Jul 2024
Reputation: 50
#8
07-09-2024, 05:15 AM
Need this for education
Reply
Breached
Member
Posts: 6
Threads: 0
Joined: Jan 2024
Reputation: 0
#9
07-09-2024, 08:01 AM
thank you sql injection best attack thx
Reply
Breached
Member
Posts: 3
Threads: 0
Joined: Jul 2024
Reputation: 0
#10
07-16-2024, 02:12 AM
I will try it now
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google Dorks for finding SQL injection vulnerabilities and other security issues 1yush 42 1,732 08-06-2025, 10:45 AM
Last Post: k4mui
  [WordPress] Contact Form - SQL Injection Vuln Friday 147 18,153 08-04-2025, 04:20 AM
Last Post: 1blackman
  Cisco ISE - Unauthenticated RCE antisocial 1 129 07-29-2025, 06:50 AM
Last Post: JamesStrong
  CVE-2025-53770 - Microsoft Sharepoint Unauthenticated RCE antisocial 1 179 07-28-2025, 10:50 AM
Last Post: Krypt3d4ng3l
  IngressNightmare unauthenticated RCE PoC azamii 7 473 04-14-2025, 11:02 PM
Last Post: rainsec

Forum Jump:


 Users browsing this thread: 1 Guest(s)