Joomla! Component com_joomnik - SQL Injection

EDB-ID:

17341

CVE:

EDB Verified:

Author:

SOLVER

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2011-05-29

Vulnerable App:

<------------------- header data start ------------------- >
#############################################################
Joomla Component Joomnik Gallery SQL Injection Vulnerability                                      
#############################################################

# Author : SOLVER ~ Bug Researchers

# Date : 26.05.2011

# Greetz : DreamPower - CWKOMANDO - Toprak - Equ - Err0r - 10line

# Name : Joomla com_joomnik

# Bug Type : SQL injection

# Infection : Admin Login Bilgileri Alinabilir.

# Example Vuln :

[+]/index.php?option=com_joomnik&album=[EXPLOIT]

[+] Dork:"com_joomnik"

[+] Demo: http://site.com/index.php?option=com_joomnik&album=6'

# Bug Fix Advice : Zararli Karakterler Filtrenmelidir.
#############################################################
http://joomlacode.org/gf/project/joomnik/

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services