CVE-2010-0753

Joomla! com_sqlreport 1.1 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0753. PoCs published by snakespc.

AI-analyzed exploit summary This exploit is a Perl script for blind SQL injection in Joomla's com_sqlreport component, targeting the user_id parameter. It automates the extraction of database information or file contents via time-based or boolean-based blind SQLi techniques.

Description

SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by snakespc · perlwebappsphp

https://www.exploit-db.com/exploits/11549

View Code ZIP pw:eip

This exploit is a Perl script for blind SQL injection in Joomla's com_sqlreport component, targeting the user_id parameter. It automates the extraction of database information or file contents via time-based or boolean-based blind SQLi techniques.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Joomla with com_sqlreport component

No auth needed

Prerequisites: Target Joomla installation with vulnerable com_sqlreport component · Perl environment with LWP::UserAgent and other dependencies

MITRE ATT&CK