漏洞描述
【漏洞对象】Joomla插件J-BusinessDirectory 【涉及版本】Joomla插件J-BusinessDirectory 4.9.7版本【漏洞描述】 Joomla插件J-BusinessDirectory 4.9.7版本'type'参数存在SQL注入,可能造成数据泄露,甚至服务器被入侵。
Joomla插件J-BusinessDirectory 4.9.7-SQL注入
PoC代码
暂无相关漏洞推荐
- POC CVE-2016-15041: MainWP Dashboard <= 3.1.2 - Stored Cross-Site Scripting
- POC CVE-2019-14206: Nevma Adaptive Images - Arbitrary File Deletion
- POC CVE-2023-33960: OpenProject < 12.5.4 - Project Identifiers Exposure
- POC CVE-2024-29137: WordPress Tourfic Plugin <= 2.11.7 - Cross-Site Scripting
- POC CVE-2024-29792: Unlimited Elements for Elementor <= 1.5.93 - Cross Site Scripting
- POC CVE-2024-56159: Astro - Information Disclosure
- POC CVE-2025-4210: Casdoor - Authorization Bypass
- POC CVE-2025-46349: YesWiki Reflected XSS via File Upload
- POC CVE-2025-46549: YesWiki <= 4.5.1 - Cross-Site Scripting
- POC CVE-2025-46550: YesWiki < 4.5.4 - Cross-Site Scripting
- Craft CMS register_argc_argv 代码执行漏洞(CVE-2024-56145)
- 用友Bip /bi/api/Portal/LoginWithV8 目录遍历漏洞(CVE-2025-66744)
- ERPNext /api/method/erpnext.projects.doctype.timesheet.timesheet.get_timesheet_detail_rate SQL 注入漏洞(CVE-2025-52049)