漏洞描述
【漏洞对象】Joomla插件J-BusinessDirectory 【涉及版本】Joomla插件J-BusinessDirectory 4.9.7版本【漏洞描述】 Joomla插件J-BusinessDirectory 4.9.7版本'type'参数存在SQL注入,可能造成数据泄露,甚至服务器被入侵。
Joomla插件J-BusinessDirectory 4.9.7-SQL注入
PoC代码
暂无相关漏洞推荐
- GLPI /index.php/ajax/ SQL 注入漏洞(CVE-2025-24799)
- Flowise /api/v1/node-load-method/customMCP 命令执行漏洞(CVE-2025-8943)
- Fortinet FortiWeb /api/v2.0/cmdb/system/admin%3f/../../../../../cgi-bin/fwbcgi 权限绕过漏洞(CVE-2025-64446/CVE-2025-58034)
- POC CVE-2017-14725: WordPress < 4.8.2 - Authenticated Open Redirect
- POC CVE-2017-17092: WordPress < 4.9.1 - Authenticated JavaScript File Upload
- POC CVE-2021-34427: Eclipse BIRT Viewer - Remote Code Execution
- POC CVE-2021-4449: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload
- POC CVE-2025-49706: Microsoft SharePoint Server - Authentication Bypass
- POC CVE-2025-55523: Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download
- POC wp-security-hidden-login-exposure: WordPress All-in-One Security <=4.4.1 - Hidden Login Page Exposure
- AstrBot /api/plugin/install-upload 命令执行漏洞(CVE-2025-55449)
- POC CVE-2024-37656: GnuBoard5 5.5.16 - Open Redirect
- POC CVE-2025-64446: FortiWeb - Authentication Bypass