Lucene search
ValentinEDB-ID:12159HistoryApr 11, 2010 - 12:00 a.m.
Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection
2010-04-1100:00:00
Valentin
www.exploit-db.com
23
AI Score
7.4
Confidence
Low
# Exploit Title: Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection Vulnerability
# Date: 11.04.2010
# Author: Valentin
# Category: webapps/0day
# Version:
# Tested on:
# CVE :
# Code :
:: General information
:: Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection Vulnerability
:: by Valentin Hoebel
:: [email protected]
:: Product information
:: Name = Multi-Venue Restaurant Menu Manager (MVRMM)
:: Vendor = Focusplus Developments Ltd.
:: Vendor Website = http://www.focusdev.co.uk/
:: Affected versions = 1.5.2 Stable Update 3 and all previous versions
:: SQL Injection Vulnerability
Vulnerable Parameter
"mid"
Vulnerable URL
http://some-cool-domain.tld/index.php?option=com_mv_restaurantmenumanager&task=menu_display&Venue=XX&mid=XX&Itemid=XX
:: Additional information
Exploitation can be a little bit tricky.
:: Misc
Greetz && Thanks to the inj3ct0r team, Exploit DB, hack0wn and ExpBase!Related
prion
prion
Sql injection
2010-04-19 19:30:00
cve
cve
CVE-2010-1468
2010-04-19 19:30:00
cvelist
cvelist
CVE-2010-1468
2010-04-19 19:04:00
nvd
nvd
CVE-2010-1468
2010-04-19 19:30:00