Skip to main content |path disclosure, xss, sql injections, shell upload

We can start to detect the version manually (automated tools, like joomscan, are giving random values) from

libraries/joomla/crypt/index.html is missing, so it's probably before Joomla! 1.5.26.
components/com_mailto/helpers/index.html is missing, so it's probably before Joomla! 1.5.23.

(Tip: I just used files and folder comparison with beyond compare, but you can also use Meld on linux)

To get the path we try to raise errors with wrong sql queries. In this case we are abusing of the weblinks component and adding the filter_order even if the site uses SEF urls (who cares).

to get an output like this:
No valid database connection Unknown column '0' in 'order clause' SQL=SELECT * FROM jos_weblinks WHERE catid = 53 AND published = 1 AND archived = 0 ORDER BY 0 ASC, ordering LIMIT 0, 20
No valid database connection Unknown column '0' in 'order clause' SQL=SELECT * FROM jos_weblinks WHERE catid = 53 AND published = 1 AND archived = 0 ORDER BY 0 ASC, ordering
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /usr/share/joomla15/Lesim/libraries/joomla/database/database/mysql.php on line 344

There are common Joomla problems of sql injections and xss for versions before 1.5.23.


Popular posts from this blog

2022 - Remove (the too many) Ads from Memu launcher

Simple method Download from pureapk "MEmu Launcher2" ex: MEmu Install "System app remover" (root) remove from system apps the "memu launcher 2" import the "purified" MEmu Launcher2 apk with the Memu utility ("apk" on the right toolbar) Longer method Install "Export Apk" Export the memu launcher2  Install purify use purify with the exported memu launcher 2 Install "System app remover" (root) remove from system apps the "memu launcher 2" import the "purified" MEmu Launcher2 apk with the Memu utility ("apk" on the right toolbar)      

[FIX] cyberpunk skip dialogue disappeared - pc Y button

  open C:\Games\Cyberpunk 2077\r6\config\inputUserMappings.xml with a text editor (ex. notepad++)   find   <mapping name="SceneFastForward_Button" type="Button" > ... </mapping> example (my non working settings)     <mapping name="SceneFastForward_Button" type="Button" >         <button id="IK_Pad_DigitLeft" />         <button id="IK_Y" overridableUI="fastForward" />     </mapping> and REPLACE it with the following:     <mapping name="SceneFastForward_Button" type="Button" >         <button id="IK_Pad_B_CIRCLE" />         <button id="IK_C" overridableUI="fastForward"/>     </mapping> thanks to the vanilla xml files on nexus mods as the original source.

Database Collation when installing Opencart 3.x, 4.x

  To avoid several problems the database collation for opencart should be as follows: - for Opencart and above it should be " utf8mb4_general_ci " - for Opencart 1.5.51 (Opencart  2.x, Opencart 3.x ) up to Opencart the collation should be " utf8_general_ci " - for Opencart 1.4.1 up to Opencart the collation should be " utf8_bin " - for Opencart <1.1.1 up to Opencart 1.4.0 the collation should be " utf8_unicode_ci " If you are using the latest version of mysql always use " utf8mb4_general_ci ". Never use UTF8mb3*