Goal Reached Thanks to every supporter β€” we hit 100%!

Goal: 1000 CNY Β· Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-0739 PoC β€” BookingPress < 1.0.11 - Unauthenticated SQL Injection

Source
https://github.com/BKreisel/CVE-2022-0739
Associated Vulnerability
Title:BookingPress < 1.0.11 - Unauthenticated SQL Injection (CVE-2022-0739)
Description:The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection
Description
🐍 Python Exploit for CVE-2022-0739
Readme
# CVE-2022-0739
Python PoC Exploit for [CVE-2022-0739](https://nvd.nist.gov/vuln/detail/CVE-2022-0739)

## Features
* Database Metadata Lookup
* Wordpress User Credential Dump
* Arbitrary Blind Query Injection πŸ’‰

## Usage
```bash
usage: cve-2022-0739 [-h] -u URL [-e EXEC]

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     URL of the page containing the BookingPress Widget
  -e EXEC, --exec EXEC  Optional query for Blind SQL Injection
```
### Information Leak
```bash
cve-2022-0739 --url http://metapress.htb/event
```

### Blind Injection
```bash
cve-2022-0739 --url http://metapress.htb/event --exec "SELECT SLEEP(5)"
```

## Installation

### PyPI
```bash
python3 -m pip install cve-2022-0739
```

### Manual 
```bash
python3 -m pip install cve_2022_0739-1.0.0-py3-none-any.whl
```
[Download Latest Release](https://github.com/BKreisel/CVE-2022-0739/releases/download/1.0.0/cve_2022_0739-1.0.0-py3-none-any.whl)

## Demo
### Information Leak
[![demo](https://asciinema.org/a/544403.svg)](https://asciinema.org/a/544403?autoplay=1)

### Blind Injection
[![demo-exec](https://asciinema.org/a/544404.svg)](https://asciinema.org/a/544404?autoplay=1)
File Snapshot

 [4.0K]  /data/pocs/03bd860a98ba7dc5579e96a1610a2482db8886b8
β”œβ”€β”€ [1.0K]  LICENSE
β”œβ”€β”€ [ 709]  pyproject.toml
β”œβ”€β”€ [1.2K]  README.md
└── [4.0K]  src
    └── [4.0K]  cve_2022_0739
        β”œβ”€β”€ [   0]  __init__.py
        └── [9.0K]  main.py

2 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers β€” if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online β€” thank you for the support. View subscription plans β†’