Joomla! Component Sexy polling 1.0.8 – ‘answer_id’ SQL Injection

Exploit Database
116 阅读

作者： High-Tech Bridge

日期： 2014-01-16
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/39028/

source: https://www.securityfocus.com/bid/64991/info

Sexy polling extension for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Sexy polling 1.0.8 is vulnerable; other versions may also be affected.

http://www.example.com/components/com_sexypolling/vote.php

POST

answer_id[]=[SQL Injection]

last Exploits
Joomla! Component Sexy polling 1.0.8 – ‘answer_id’ SQL Injection的更多信息

Oracle CTI Web Service – ‘EBS_ASSET_HISTORY_OPERATIONS’ XML Entity Injection：
Populum 2.3 – SQL Injection：
Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)：
CMS Loko Media – Local File Download：
Mitsubishi Electric smartRTU / INEA ME-RTU – Unauthenticated Configuration Download：
LG-Ericsson iPECS NMS 30M – Directory Traversal：
Squirrelcart Cart Shop 3.3.4 – Multiple Web Vulnerabilities：
TinyWebGallery 1.8.3 – Multiple Vulnerabilities：