Joomla Spider Random Article...

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

################################################################################################## #Exploit Title : Joomla Spider Random Article Component SQL Injection vulnerability #Author : Jagriti Sahu AKA Incredible #Vendor Link : http://demo.web-dorado.com/spider-random-article.html #Date : 22/03/2015 #Discovered at : IndiShell Lab #Love to : error1046 ^_^ ,Team IndiShell,Codebreaker ICA ,Subhi,Mrudu,Hary,Kavi ^_^ ################################################################################################## //////////////////////// /// Overview: //////////////////////// joomla component "Spider Random Article" is not filtering data in catID and Itemid parameters and hence affected by SQL injection vulnerability /////////////////////////////// // Vulnerability Description: /////////////////////////////// vulnerability is due to catID and Itemid parameter //////////////// /// POC //// /////////////// SQL Injection in catID parameter ================================= Use...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息