Joomla Component com_filecabinet Sql injection vulnerability

2012-06-14T00:00:00
ID 1337DAY-ID-18619
Type zdt
Reporter mmn00b
Modified 2012-06-14T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Exploit Title: Joomla component  com_filecabinet Sql injection vulnerability
 Date: 14.06.2012
 Author: mmn00b 
 Home: http://www.blinkhackergroup.org
 Vendor or Software Link: http://ajbiscaro.freehostia.com/index.php?option=com_filecabinet&task=download&cid[]=7
 Version:  @version 2.0 : filecabinet.php
 Category::  webapps
 Google dork: inurl:"index.php?option=com_filecabinet"
 Tested on: window XP

Exploit : http://site/index.php?option=com_filecabinet&task=download&cid[0]=[Exploit HERE]&Itemid=


 Demo site:  http://www.rightangletheatre.co.uk/index.php?option=com_filecabinet&task=download&cid[0]=2[SQL INJECTION]&Itemid=8
                   http://www.ppu.edu/quality/index.php?option=com_filecabinet&task=download&cid[0]=13[SQL INJECTION]&Itemid=68&lang=en
                   http://www.imj.ir/index.php?option=com_filecabinet&task=download&cid[0]=27[SQL INJECTION]



  Greeze My All Bros =====>Adm!n K!ll3r,Bl4ckr3ap3r,H4ck3r^Lammer,anon4,Dr.Rat,snRoot,Mr.n00b,Mr.Vampire,r00tinject0r



#  0day.today [2018-03-05]  #