Joomla! Component BF Quiz 1.3.0 – SQL Injection (1)

• Exploit Database
• 39 阅读

• 作者： Valentin
  日期： 2010-05-28
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12780/

• # Exploit Title: Joomla Component BF Quiz SQL Injection Vulnerability
  # Date: 29th May 2010
  # Author: Valentin
  # Category: webapps/0day
  # Version: 1.3.0
  # Tested on: Debian, Apache2, MySQL 5
  # CVE :
  # Code : 
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
  >> General Information 
  Advisory/Exploit Title = Joomla Component BF Quiz SQL Injection Vulnerability
  Author = Valentin Hoebel
  Contact = valentin@xenuser.org
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
  >> Product information
  Name = BF Quiz
  Vendor = Tamlyn Creative Pty Ltd
  Vendor Website = http://www.tamlyncreative.com/software/
  Affected Version(s) = 1.3.0
  
   
  [:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
  >> SQL Injection
  Example URI = 
  index.php?option=com_bfquiztrial&view=bfquiztrial&catid=[SQL Injection]&Itemid=62
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
  >> Additional Information
  Advisory/Exploit Published = 29th May 2010
  
  I found this vulnerability while testing my new SQL injection vulnerability scanner.
  (Will be released soon!)
  Actually didn't find the vulnerability when I looked at this Joomla component for
  the first time, lol.
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
  >> Misc
  Greetz && Thanks = inj3ct0r team, Exploit DB and hack0wn!
  Special Greetz = cr4wl3r and /JosS!
  <3 packetstormsecurity.org!
  
  
  [:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]