Dokan Pro Unauthenticated SQL Injection POC | CVSS 10
by Loki - Monday July 8, 2024 at 02:16 PM
Banned

Posts: 31
Threads: 0
Joined: Aug 2023
Reputation: 0

#31
01-08-2025, 10:54 PM
Nice one ! Let me see that
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
Breached
Member
Posts: 33
Threads: 2
Joined: Jan 2025
Reputation: 0

#32
01-20-2025, 09:30 AM
thanks for the tool
Reply
User

Posts: 139
Threads: 11
Joined: Apr 2024
Reputation: 425

#33
03-25-2025, 05:37 AM
f"{grafana_url}/api/ds/query?ds_type=__expr__&expression=true&requestId=Q100",  IS BETTERRR
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Attempted Scamming Thread-DATABASE-Database-Empik-com-Poland-11-825-92 | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
Banned

Posts: 27
Threads: 0
Joined: Dec 2024
Reputation: 0

#34
03-28-2025, 06:16 PM
(07-08-2024, 02:16 PM)Loki Wrote:
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

POC:


Omnicer

lets see this my friend thank you
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
Banned

Posts: 35
Threads: 0
Joined: Mar 2025
Reputation: 0

#35
03-29-2025, 11:21 AM
thanks for this bro
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
Breached
Member
Posts: 4
Threads: 0
Joined: Apr 2025
Reputation: 0

#36
04-07-2025, 02:00 PM
thanks brooooooooooooooooooooooooooooooooooooooo
Reply
Breached
Member
Posts: 5
Threads: 2
Joined: Dec 2025
Reputation: 30

#37
12-17-2025, 05:40 PM
Hmm i see a pattern of sqli looking throw this
Reply
Breached
Member
Posts: 32
Threads: 3
Joined: Dec 2025
Reputation: 0

#38
12-23-2025, 10:57 PM
Thanks for sharing ! Need to check-it
Reply
Breached
Member
Posts: 4
Threads: 0
Joined: Dec 2025
Reputation: 0

#39
12-23-2025, 11:05 PM
(07-08-2024, 02:16 PM)Loki Wrote:
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

POC:


Omnicer

outdated
Reply
Breached
Member
Posts: 2
Threads: 0
Joined: Jan 2026
Reputation: 0

#40
01-30-2026, 03:54 PM
(07-08-2024, 02:16 PM)Loki Wrote:
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

POC:


Omnicer
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google Dorks for finding SQL injection vulnerabilities and other security issues 1yush 64 2,429 03-28-2026, 05:09 PM
Last Post: Wayama
  new wordpress website takeover vuln (video + poc ) zinzeur 313 27,277 03-28-2026, 02:43 AM
Last Post: toshi99
  [POC] Google OAuth "MultiLogin" endpoint 0-day Farfallaiero 106 13,201 02-10-2026, 03:34 PM
Last Post: birhikayemvar
  Cool Remote Patching ETW/Amsi PoC pepeloco 6 2,092 02-08-2026, 07:58 AM
Last Post: zeroday99
  CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC miyako 3 73 02-07-2026, 03:32 PM
Last Post: cysc



 Users browsing this thread: 1 Guest(s)