Joomla Hospital SQL Injection

2011-07-15T00:00:00
ID PACKETSTORM:103076
Type packetstorm
Reporter SOLVER
Modified 2011-07-15T00:00:00

Description

                                        
                                            `<------------------- header data start ------------------- >  
#############################################################  
Joomla Component Com_Hospital SQL Injection Vulnerability   
#############################################################  
  
# Author : SOLVER ~ Bug Researchers  
  
# Date : 16.06.2011  
  
# Name : Joomla com_hospital  
  
# Bug Type : SQL injection  
  
# Infection : Admin Login Bilgileri Alinabilir.  
  
# Example Vuln :  
  
[+]/index.php?option=com_hospital&view=departments&Itemid=21&did=[EXPLOIT]  
  
[+] Dork:inurl:"com_hospital"  
  
[+] Demo: http://site/index.php?option=com_hospital&view=departments&Itemid=21&did=[SQL INJECTION]  
  
# Bug Fix Advice : Zararli Karakterler Filtrenmelidir.  
#############################################################  
`