Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Joomla Component com_jdirectory SQL Injection Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
com_jdirectory
by:
Caddy-Dz
7.5
CVSS
HIGH
SQL Injection
Not mentioned
CWE
Product Name: com_jdirectory
Affected Version From: Not mentioned
Affected Version To: Not mentioned
Patch Exists: NO
Related CWE: Not mentioned
CPE: Not mentioned
Metasploit:
Other Scripts:
Platforms Tested: Windows 7 Edition Intégral (French)
Not mentioned

Joomla Component com_jdirectory SQL Injection Vulnerability

The Joomla Component com_jdirectory is vulnerable to SQL Injection. An attacker can inject malicious SQL queries through the 'contentid' parameter in the URL, which can lead to unauthorized access or data manipulation in the database.

Mitigation:

Update the Joomla Component com_jdirectory to the latest version or apply the vendor's patch if available. Validate and sanitize user input before executing SQL queries.
Source

Exploit-DB raw data:

=====================================================================
                      .__         .__  __            .__    .___
  ____ ___  _________ |  |   ____ |__|/  |_          |__| __| _/
_/ __ \\  \/  /\____ \|  |  /  _ \|  \   __\  ______ |  |/ __ | 
\  ___/ >    < |  |_> >  |_(  <_> )  ||  |   /_____/ |  / /_/ | 
 \___  >__/\_ \|   __/|____/\____/|__||__|           |__\____ | 
     \/      \/|__|                                          \/  
			Exploit-ID is the Exploit Information Disclosure
 
Web             : exploit-id.com	
e-mail          : root[at]exploit-id[dot]com             
 
            	   	 #########################################			  
		  	   I'm Caddy-Dz, member of Exploit-Id				
		  	 #########################################			  
======================================================================
 
####
# Exploit Title: Joomla Component com_jdirectory SQL Injection Vulnerability
# Author: Caddy-Dz
# Facebook Page: www.facebook.com/islam.caddy
# E-mail: islam_babia[at]hotmail.com  |  Caddy-Dz[at]exploit-id.com
# Website: www.exploit-id.com
# Google Dork: inurl:/component/option,com_jdirectory
# Category:: Webapps
# Tested on: [Windows 7 Edition Intégral- French]
# Vendor: http://www.joomace.net/downloads/acesef/extensions/jdirectory-acesef
####
 
 
[*] ExpLo!T :
 
http://www.site.com/component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0
 
http://www.site.com/component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0 # Inject Here
 
 
####

[+] Peace From Algeria
 
####

=================================**Algerians Hackers**=======================================|
# Greets To :                                                                                |
  KedAns-Dz , Kalashinkov3 & **All Algerians Hackers** , jos_ali_joe , Z190T ,               |
  All Exploit-Id Team , (exploit-id.com) , (1337day.com) , (dis9.com) , (exploit-db.com)     |
  All My Friends: T!riRou , ChoK0 , MeRdaw! , CaRras0 , StiffLer , MaaTar , St0fa , Nissou , | 
  RmZ ...others                                                                              |
============================================================================================ |

Navigation

Suggest Exploit

Services By CQR