Joomla JVideoClip Blind SQL Injection

2013.09.24
Credit: SixP4ck3r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

================================================================================ Joomla Component com_jvideoclip (cid|uid|id) Blind SQL Injection / SQL Injection ================================================================================ Author : SixP4ck3r Email & msn : SixP4ck3r@Bolivia.com Date : 21 Sept 2013 Critical Lvl : Medium Impact : Exposure of sensitive information Where : From Remote Blog : http://sixp4ck3r.blogspot.com/ Credits : To my love! Dork : inurl:com_jvideoclip --------------------------------------------------------------------------- [Exploting..Bug..Demo..] http://example/index.php?option=com_jvideoclip&view=search&type=user&uid=[SQLi]&Itemid=6 [Blind SQL Injection] http://example/index.php?option=com_jvideoclip&view=search&type=user&uid=[bSQLi]&Itemid=6 --------------------------------------------------------------------------- SixP4ck3r from Bolivia ___EOF____

References:

http://sixp4ck3r.blogspot.com/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top