Exploits / Vulnerability Discovered : 2019-08-08 |
Type : webapps |
Platform : php
This exploit / vulnerability Joomla! component js support ticket (component com_jssupportticket) 1.1.5 sql injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
#Exploit Title: Joomla! component com_jssupportticket - SQL Injection
#Dork: inurl:"index.php?option=com_jssupportticket"
#Date: 08.08.19
#Exploit Author: qw3rTyTy
#Vendor Homepage: https://www.joomsky.com/
#Software Link: https://www.joomsky.com/46/download/1.html
#Version: 1.1.5
#Tested on: Debian/nginx/joomla 3.9.0
#####################################
#Vulnerability details:
#####################################
Vulnerable code is in line 441 in file admin/models/userfields.php