Joomla! Component Contact Form Maker 1.0.1 – SQL Injection

• Exploit Database
• 100 阅读

• 作者： TUNISIAN CYBER
  日期： 2015-03-30
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/36561/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14

  [+]Title: Joomla Contact Form Maker v1.0.1 Component - SQL injection vulnerability [+]Author: TUNISIAN CYBER [+]Date: 29/03/2015 [+]Vendor: http://extensions.joomla.org/extensions/extension/contacts-and-feedback/contact-forms/contact-form-maker [+]Type:WebApp [+]Risk:High [+]Overview: Contact Form Maker v1.0.1 suffers, from an SQL injection vulnerability. [+]Proof Of Concept:   127.0.0.1/index.php?option=com_contactformmaker&view=contactformmaker&id=SQL