SQL Injection (SQLi) via the 'type' parameter. Author: Ihsan Sencan. Disclosure Date: January 23, 2019. Platform: PHP-based web applications. Analysis of the Exploit (46230.rar Content)
The file is an exploit package hosted on Exploit Database (EDB-ID 46230) . It provides a proof-of-concept for a SQL Injection vulnerability in the J-BusinessDirectory 4.9.7 component for Joomla!. Vulnerability Overview 46230.rar
Potential for an attacker to escalate privileges and become a database or site administrator. SQL Injection (SQLi) via the 'type' parameter
The ability to modify, corrupt, or delete data within the system. Remediation & Mitigation 46230.rar
To protect against this vulnerability, administrators should take the following steps:
Upgrade J-BusinessDirectory to the latest version. This vulnerability specifically impacts version 4.9.7 and was addressed in subsequent security patches.