Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18568
HistoryDec 05, 2007 - 12:00 a.m.

Blind Sql-Injection in Joomla 1.5 RC3

2007-12-0500:00:00
vulners.com
32
JSON

Thanks to team of Darkc0de.com

Blind Sql-Injection in Joomla 1.5 RC3

URL : http://localhost/index.php

  1. Parameter = view

The following changes were applied to the original request:
• Set parameter 'view's value to 'somechars'%20+%20'article'

POC URL : http://localhost/index.php?option=com_content&view=somechars'%20+%20'article&id=25&Itemid=28

This test uses several different HTTP requests in order to verify the existence of a Blind SQL
Injection vulnerability. The resulting test responses show that requests containing conditions with
the same logical values were identical to the original valid response, and the responses with
different values were not. This indicates that an SQL query is being executed at the back-end
database, and that the injected values affect the original query

  1. Parameter = task

The following changes were applied to the original request:
• Set parameter 'task's value to 'somechars%27+%2B+%27search'

POC URL : http://localhost/index.php?searchword=&task=somechars%27+%2B+%27search&option=com_search

  1. Parameter = option

The following changes were applied to the original request:
• Set parameter 'option's value to 'somechars%27+%2B+%27com_search'

POC URL :http://localhost/index.php?searchword=&task=search&option=somechars%27+%2B+%27com_search


greetz to : d3, baltazar , Zugzwang , icqbomber
JSON