Joomla! 1.5.x SQL Error Information Disclosure Vulnerability

2010-11-05T00:00:00
ID EDB-ID:34955
Type exploitdb
Reporter YGN Ethical Hacker Group
Modified 2010-11-05T00:00:00

Description

Joomla! 1.5.x SQL Error Information Disclosure Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/44674/info

Joomla! is prone to an information-disclosure vulnerability due to an SQL error.

Exploiting this issue can allow attackers to gain access to sensitive information contained in the application's database. Successful exploits may lead to other attacks.

Versions prior to Joomla! 1.5.22 are vulnerable. 

http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg
http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injectio /sqli_%28filter_order_Dir%29_front.jpg
http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injectio /sqli_%28filter_order_Dir%29_back.jpg