Joomla Varista Education template version 2.9 suffers from a remote SQL injection vulnerability.
6675591b3afcdef31e1587359d40658b37453853137a99f01a11a7aa4c3136b3######################################################################
# Exploit Title: Varista Education Joomla Template - SQL Injection
Vulnerability
# Google Dork: N/A
# Date: 30.12.2017
# Author: Abdeljalil Nouiri (@pwny)
# url : https://www.joomshaper.com/joomla-templates/varsita
# Version : 2.9
# Tested on: Kali Linux
# proof : https://ibb.co/mo8wnG
######################################################################
#
# Description : Varsita is a multipurpose Joomla 3.6 template for all kinds
of schools, universities,courses and education business.
#
#
# Vulnerable Parameter : POST -p data
#
# http://127.0.0.1/path/
#
#POST : option=com_ajax&module=splmscoursesearch&data=[SQLi]&format=jsonp
#
#proof : https://ibb.co/mo8wnG
#
#
######################
# Discovered by : Abdeljalil Nouiri (
https://linkedin.com/in/abdeljalil-nouiri-36a654143)
# Greetz : HackXore Team
######################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed