Exploit Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
12159
Проверка EDB
  1. Пройдено
Автор
VALENTIN
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2010-1468
Дата публикации
2010-04-11
Код:
# Exploit Title: Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection Vulnerability
# Date: 11.04.2010
# Author: Valentin
# Category: webapps/0day
# Version: 
# Tested on: 
# CVE :  
# Code : 

:: General information
:: Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection Vulnerability
:: by Valentin Hoebel
:: [email protected]

:: Product information
:: Name =  Multi-Venue Restaurant Menu Manager (MVRMM)
:: Vendor = Focusplus Developments Ltd.
:: Vendor Website = http://www.focusdev.co.uk/
:: Affected versions = 1.5.2 Stable Update 3 and all previous versions

:: SQL Injection Vulnerability
Vulnerable Parameter
"mid"

Vulnerable URL
http://some-cool-domain.tld/index.php?option=com_mv_restaurantmenumanager&task=menu_display&Venue=XX&mid=XX&Itemid=XX

:: Additional information
Exploitation can be a little bit tricky.

:: Misc
Greetz && Thanks to the inj3ct0r team, Exploit DB, hack0wn and ExpBase!
 
Источник
www.exploit-db.com

Похожие темы