Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Joomla Joomanager SQL Injection Vulnerability

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 25 Views

Joomla Joomanager SQL Injection Vulnerability fix description and dat

Code

                                                Note from the vendor received 10Mar11:

The old code was using JReguest::GetVar and we change it to JReguest::GetInt so the catid must be an integer only and not text.

We updated this over 6 months ago in version 1.1.1


1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name :  Joomla joomanager SQli Vulnerability 
Date : june, 30 2010
Critical Level 	: HIGH
Vendor Url : http://www.joomanager.com/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_,Sn!pEr.S!Te,n4pst3rr
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description:


JooManager enables you to create a phenomenal real estate website for your clients so they can dominate the listing market!  Today's most successful Realtors have already realized that consumers are using search engines to buy and sell real estate. JoomProperty from its front end display to its extremely user-friendly backend technology, is built to adhere to search engines' best practices.

###############################################################################################################

Xploit: SQLi VUlnerability

 
DEMO URL : http://server/component/joomanager/?view=itemslist&catid=[sqli]

###############################################################################################################
# 0day no more 
# Sid3^effects

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
joomlajoomanagersql injectionvulnerabilitysecurityupdate10mar111.1.1sid3^effectsjreguest::getintcatidintegertextreal estate websitexploitdemo urlserver.
25