Joomla JVideoClip component suffers from a remote blind SQL injection vulnerability.
4781ffbb58c2f9b00a3104325ceee5ce0a84ef307ee9cccc745852c86fd96ec6================================================================================
Joomla Component com_jvideoclip (cid|uid|id) Blind SQL Injection / SQL Injection
================================================================================
Author : SixP4ck3r
Email & msn : SixP4ck3r@Bolivia.com
Date : 21 Sept 2013
Critical Lvl : Medium
Impact : Exposure of sensitive information
Where : From Remote
Blog : http://sixp4ck3r.blogspot.com/
Credits : To my love!
Dork : inurl:com_jvideoclip
---------------------------------------------------------------------------
[Exploting..Bug..Demo..]
http://example/index.php?option=com_jvideoclip&view=search&type=user&uid=[SQLi]&Itemid=6
[Blind SQL Injection]
http://example/index.php?option=com_jvideoclip&view=search&type=user&uid=[bSQLi]&Itemid=6
---------------------------------------------------------------------------
SixP4ck3r from Bolivia
___EOF____
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed