The Joomla Parcoauto component suffers from a remote SQL injection vulnerability.
7ee1ffcee96f5c755f777a3f26f33fd8f270f72a6431ce800ceca27b2c2fcd87
#Exploit Title: Joomla com_parcoauto SQL injection Vulnerability
Date: [03-11-2012]
Author: Andrea Bocchetti - www.andreabocchetti.com
Twitter: @AndreaBocchetti
Demo: http://www.xxx.com/index.php?option=com_parcoauto&action=scheda&idVeicolo=2658810
Work Version: Joomla 1.5
Vulnerable Parameter Name:
idVeicolo
Parameter Type:
number
Attack Sql injection