Joomla JobGrokApp component version 3.1-1.2.55 suffers from a remote SQL injection vulnerability.
c6e24a78b3acd12c8113b6555072e359ad21ff814a3c8efb8dc253c6e40dbfbf######################
# Exploit Title : Joomla com_jobgrokapp - SQL Injection
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://extensions.joomla.org/extension/job-grok-app
# Software Link: http://www.uplooder.net/f/tl/42/ae553152683fc9d97a555210d7028a8c/com-jobgrokapp-V3.1-1.2.55.zip
# Category: [ Webapps ]
# Tested on: [ Win ]
# Version: 3.1-1.2.55
# Date: 2016/06/07
######################
#
# PoC:
# Login with Admin User And Edit one Applications cid[] Parameter Vulnerable to SQL Injection
# Demo :
# http://localhost/joomla/administrator/index.php?option=com_jobgrokapp&controller=application&task=edit&cid[]=[SQL]
# Image: http://www.uplooder.net/img/image/30/de1049a0eb485c78590332d185ee7189/com-jobgrokapp.png
#
######################
# Discovered by : Mojtaba MobhaM (kazemimojtaba@live.com)
# Greetz : T3NZOG4N & FireKernel & Milad Hacking & JOK3R And All Persian Hack Team Members
# Homepage : persian-team.ir
######################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed