Exploitation Summary
EIP tracks 2 public exploits for CVE-2011-4823. PoCs published by the_cyber_nuxbie, Chris Russell.
AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in the 'com_sanpham' component for Joomla! due to insufficient sanitization of user-supplied data. It includes example URLs demonstrating the vulnerable parameters.
Description
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.
Exploits (2)
The provided text describes SQL injection vulnerabilities in the 'com_sanpham' component for Joomla! due to insufficient sanitization of user-supplied data. It includes example URLs demonstrating the vulnerable parameters.
The document describes two blind SQL injection vulnerabilities in the Vik Real Estate 1.0 Joomla component, affecting the 'contract' and 'imm' parameters. It provides example URLs demonstrating the vulnerabilities but does not include executable exploit code.