49 lines
No EOL
1.5 KiB
Text
49 lines
No EOL
1.5 KiB
Text
# Exploit Title: Joomla Component BF Quiz SQL Injection Vulnerability
|
|
# Date: 29th May 2010
|
|
# Author: Valentin
|
|
# Category: webapps/0day
|
|
# Version: 1.3.0
|
|
# Tested on: Debian, Apache2, MySQL 5
|
|
# CVE :
|
|
# Code :
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
|
|
>> General Information
|
|
Advisory/Exploit Title = Joomla Component BF Quiz SQL Injection Vulnerability
|
|
Author = Valentin Hoebel
|
|
Contact = valentin@xenuser.org
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
|
|
>> Product information
|
|
Name = BF Quiz
|
|
Vendor = Tamlyn Creative Pty Ltd
|
|
Vendor Website = http://www.tamlyncreative.com/software/
|
|
Affected Version(s) = 1.3.0
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
|
|
>> SQL Injection
|
|
Example URI =
|
|
index.php?option=com_bfquiztrial&view=bfquiztrial&catid=[SQL Injection]&Itemid=62
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
|
|
>> Additional Information
|
|
Advisory/Exploit Published = 29th May 2010
|
|
|
|
I found this vulnerability while testing my new SQL injection vulnerability scanner.
|
|
(Will be released soon!)
|
|
Actually didn't find the vulnerability when I looked at this Joomla component for
|
|
the first time, lol.
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
|
|
>> Misc
|
|
Greetz && Thanks = inj3ct0r team, Exploit DB and hack0wn!
|
|
Special Greetz = cr4wl3r and /JosS!
|
|
<3 packetstormsecurity.org!
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::] |